// ========================================================================
// Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses.
// ========================================================================

package org.eclipse.jetty.server;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/* ------------------------------------------------------------ */
/** The authentication state of a request.
 * <p>
 * A request passes through several authentication cycles, and each nested
 * sub-type marks one position in them: not yet checked, checked and failed,
 * checked and deferred, or succeeded.
 * <p>
 * Of the interfaces declared here only {@link User} exposes a
 * {@link UserIdentity}. Code that makes an access decision should test for
 * {@code User} explicitly rather than for the absence of a failure state;
 * none of the other nested interfaces, and neither of the plain constants
 * {@link #UNAUTHENTICATED} and {@link #NOT_CHECKED}, declares an identity.
 */
public interface Authentication
{
    // Nested types of an interface are implicitly public and static, and its
    // fields are implicitly public, static and final, so the modifiers are
    // omitted throughout.

    /* ------------------------------------------------------------ */
    /** A successful authentication, carrying the user information.
     */
    interface User extends Authentication
    {
        /** @return the authentication method associated with this state. */
        String getAuthMethod();

        /** @return the identity of the authenticated user. */
        UserIdentity getUserIdentity();

        /** Role check for this user.
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return true if the user is in the role for that scope
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /** Ends this authentication. What is invalidated (session, cached
         * identity) is decided by the implementation and is not visible here.
         */
        void logout();
    }

    /* ------------------------------------------------------------ */
    /** A wrapped authentication, whose methods provide the wrapped
     * request and response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /** @return the wrapped request. */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response. */
        HttpServletResponse getHttpServletResponse();
    }

    /* ------------------------------------------------------------ */
    /** A deferred authentication, with methods to progress the
     * authentication process.
     * <p>
     * Each method returns the new state instead of changing this one, so the
     * caller has to inspect the returned value; a result that is not a
     * {@link User} does not represent an authenticated request.
     */
    interface Deferred extends Authentication
    {
        /* ------------------------------------------------------------ */
        /** Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         * @param request the request whose credentials are checked
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /* ------------------------------------------------------------ */
        /** Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         * @param request the request whose credentials are checked
         * @param response the response on which a challenge may be sent
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /* ------------------------------------------------------------ */
        /** Login with the LOGIN authenticator.
         * <p>
         * NOTE(review): the credential arrives as an immutable String, so the
         * caller cannot clear it after use; implementations should keep it
         * out of log and exception messages.
         * @param username the name of the user to log in
         * @param password the credential presented for that user
         * @return The new Authentication state
         */
        Authentication login(String username, String password);
    }

    /* ------------------------------------------------------------ */
    /** Authentication response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /* ------------------------------------------------------------ */
    /** An authentication challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** An authentication failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** A response has been sent on success; presumably the redirect to the
     * original URL described on {@link ResponseSent}. It is a
     * {@code ResponseSent}, not a {@link User}, and declares no identity.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. Its string form is "CHALLENGE", not the constant's name,
     * which matters when matching on log output.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /* ------------------------------------------------------------ */
    /** Success response sent.
     * <p>
     * This convenience instance is a {@link SendSuccess}; like the other
     * response-sent constants it is not a {@link User}.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}