
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server;
20  
21  import javax.servlet.ServletRequest;
22  import javax.servlet.ServletResponse;
23  import javax.servlet.http.HttpServletRequest;
24  import javax.servlet.http.HttpServletResponse;
25  
26  
/**
 * The authentication state of a request.
 * <p>
 * A request is in exactly one of several sub-typed states, reflecting how far
 * it has progressed through an authentication cycle: not yet checked, checked
 * and failed, checked and deferred, or succeeded.
 * <p>
 * Of the states declared here, only {@link User} is documented as a successful
 * authentication and only it exposes a {@link UserIdentity}. Code that makes
 * access decisions should therefore test for {@link User} explicitly instead of
 * testing for the absence of a failure state: {@link #NOT_CHECKED},
 * {@link #UNAUTHENTICATED}, {@link Deferred} and every {@link ResponseSent}
 * sub-type all carry no identity.
 */
public interface Authentication
{
    /**
     * A successful authentication that carries user information.
     */
    interface User extends Authentication
    {
        /**
         * @return the authentication method associated with this state
         */
        String getAuthMethod();

        /**
         * @return the identity of the authenticated user
         */
        UserIdentity getUserIdentity();

        /**
         * Tests role membership for this user.
         *
         * @param scope the scope in which the role is evaluated
         *              (NOTE(review): presumably used to resolve role
         *              references; confirm against the implementations)
         * @param role the role name to test
         * @return true if the user is in the role
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Logs the user out.
         * NOTE(review): what is invalidated (session, cached identity) is
         * decided by the implementation and is not visible in this interface.
         */
        void logout();
    }

    /**
     * A wrapped authentication, with methods that provide the wrapped
     * request and response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /**
         * @return the wrapped request
         */
        HttpServletRequest getHttpServletRequest();

        /**
         * @return the wrapped response
         */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication, with methods to progress the
     * authentication process.
     * <p>
     * A deferred state is not a successful one: the caller must inspect the
     * state returned by these methods before treating the request as
     * authenticated.
     */
    interface Deferred extends Authentication
    {
        /**
         * Authenticates if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request whose credentials are checked
         * @return the new Authentication state
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticates and possibly sends a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request the request to authenticate
         * @param response the response on which a challenge may be sent
         * @return the new Authentication state
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Logs in with the LOGIN authenticator.
         * <p>
         * The password arrives as a plain {@code String}; implementations
         * should keep it out of log messages and exception text.
         *
         * @param username the user name to log in with
         * @param password the credential presented for that user
         * @return the new Authentication state (the state returned for a
         *         failed login is not specified by this interface)
         */
        Authentication login(String username, String password);
    }

    /**
     * Authentication response-sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or, on successful authentication, to
     * redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /**
     * An authentication challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /**
     * An authentication failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /**
     * Marker sub-type of {@link ResponseSent} used by {@link #SEND_SUCCESS}.
     * NOTE(review): the original declaration has no documentation; from the
     * {@link ResponseSent} description this presumably marks the response
     * sent after a successful authentication. Confirm against the
     * authenticators that return it.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     * <p>
     * The instance overrides only {@code toString()}, so it is equal to
     * nothing but itself.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked.
     * <p>
     * Its string form is {@code "NOT CHECKED"}, with a space, which differs
     * from the constant name; log matching should use the string form.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent.
     * <p>
     * Its string form is {@code "CHALLENGE"}, not the constant name.
     */
    Authentication SEND_CONTINUE = new Authentication.Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent.
     * <p>
     * Its string form is {@code "FAILURE"}, not the constant name.
     */
    Authentication SEND_FAILURE = new Authentication.Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /**
     * Convenience instance of {@link SendSuccess}.
     * NOTE(review): undocumented in the original; by analogy with the other
     * response-sent constants this presumably signals that the success
     * response has already been sent. Confirm with the callers.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}