
1   // ========================================================================
2   // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.server;
15  
16  import javax.servlet.ServletRequest;
17  import javax.servlet.ServletResponse;
18  import javax.servlet.http.HttpServletRequest;
19  import javax.servlet.http.HttpServletResponse;
20  
21  
/**
 * The authentication state of a request.
 * <p>
 * A request's state is expressed by which sub-type of this interface the
 * state object implements. Authentication may not have been checked yet,
 * may have been checked and failed, may have been deferred, or may have
 * succeeded.
 * <p>
 * Of the types declared here, only {@link User} is documented as a
 * successful authentication. None of the shared constants at the bottom of
 * this interface implement {@link User}, so access decisions should test
 * for {@link User} rather than for the absence of a failure state.
 */
public interface Authentication
{
    /**
     * A successful authentication that carries user information.
     */
    interface User extends Authentication
    {
        /**
         * @return the authentication method, as a string
         */
        String getAuthMethod();

        /**
         * @return the identity of the authenticated user
         */
        UserIdentity getUserIdentity();

        /**
         * Tests role membership for the authenticated user.
         *
         * @param scope the scope the role is evaluated in
         * @param role  the role name to test
         * @return the result of the role check; how scope affects the
         *         outcome is decided by the implementation
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Logs the user out.
         * NOTE(review): whether this also invalidates a session or cached
         * credentials is not visible from this interface; confirm against
         * the implementations.
         */
        void logout();
    }

    /**
     * A wrapped authentication, with methods that provide the wrapped
     * request and response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /**
         * @return the wrapped request
         */
        HttpServletRequest getHttpServletRequest();

        /**
         * @return the wrapped response
         */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication, with methods to progress the
     * authentication process.
     * <p>
     * Every method returns the <em>new</em> state. A Deferred state is not
     * itself a {@link User}; callers have to inspect the returned object
     * before treating the request as authenticated.
     */
    interface Deferred extends Authentication
    {
        /**
         * Authenticates if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @return the new Authentication state
         */
        Authentication authenticate();

        /**
         * Authenticates and possibly sends a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request  the request to authenticate
         * @param response the response a challenge may be written to
         * @return the new Authentication state
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Logs in with the LOGIN authenticator.
         * <p>
         * NOTE(review): the password arrives as an immutable String, so it
         * cannot be cleared after use; implementations should keep it out
         * of log and exception messages.
         *
         * @param username the user name to log in with
         * @param password the credential presented for that user
         * @return the new Authentication state
         */
        Authentication login(String username, String password);
    }

    /**
     * Authentication response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or, on successful authentication, to
     * redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /**
     * An authentication challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /**
     * An authentication failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /**
     * A response-sent state distinct from {@link Challenge} and
     * {@link Failure}.
     * NOTE(review): presumably the "successful authentication" response
     * described on {@link ResponseSent}; confirm against the
     * authenticators. This type does not extend {@link User}, so it
     * carries no user identity.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed
     * authentication.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when
     * no credentials are present to be checked.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge
     * has been sent. Its string form is "CHALLENGE", not the constant's
     * name, which matters when searching logs for this state.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. Its string form is "FAILURE", not the constant's name.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /**
     * Shared {@link SendSuccess} instance.
     * It is declared as a plain Authentication and is not a {@link User}.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}