
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server;
20  
21  import javax.servlet.ServletRequest;
22  import javax.servlet.ServletResponse;
23  import javax.servlet.http.HttpServletRequest;
24  import javax.servlet.http.HttpServletResponse;
25  
26  
27  /* ------------------------------------------------------------ */
28  /** The Authentication state of a request.
29   * <p>
30   * The Authentication state can be one of several sub-types that
31   * reflect where the request is in the many different authentication
32   * cycles. Authentication might not yet be checked or it might be checked
33   * and failed, checked and deferred or succeeded. 
34   * 
35   */
public interface Authentication
{
    /**
     * Exception type carrying an authentication failure message.
     * <p>
     * The message is handed unchanged to {@link QuietServletException}.
     * NOTE(review): where that message ends up (client response, logs) is not
     * visible from this file, so keep credentials and other sensitive detail
     * out of it.
     */
    class Failed extends QuietServletException
    {
        /**
         * @param message description of the failure, passed to the superclass
         */
        public Failed(String message)
        {
            super(message);
        }
    }

    /**
     * A successful Authentication with User information.
     * <p>
     * This is the only state declared here that exposes a {@link UserIdentity}.
     * Code making an authorization decision should test for this type rather
     * than infer success from the absence of a failure state.
     */
    interface User extends Authentication
    {
        /**
         * @return the authentication method associated with this state; the set
         *         of possible values is not defined in this file
         */
        String getAuthMethod();

        /**
         * @return the identity of the authenticated user
         */
        UserIdentity getUserIdentity();

        /**
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return whether the user is in the given role for the given scope
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Logs the user out.
         * NOTE(review): what is invalidated (session, cached identity) is left
         * to the implementation; confirm against the authenticator in use.
         */
        void logout();
    }

    /**
     * A wrapped authentication whose methods provide the wrapped
     * request/response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /**
         * @return the wrapped request the application should use
         */
        HttpServletRequest getHttpServletRequest();

        /**
         * @return the wrapped response the application should use
         */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication with methods to progress the authentication
     * process.
     * <p>
     * Every method returns a new {@link Authentication} state. The caller has
     * to inspect that result: only a {@link User} carries an authenticated
     * identity.
     */
    interface Deferred extends Authentication
    {
        /**
         * Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request whose credentials, if any, are checked
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request the request being authenticated
         * @param response the response on which a challenge may be sent
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Login with the LOGIN authenticator.
         *
         * @param username the user name presented
         * @param password the credential presented; it is typed as
         *        {@code Object}, so its concrete form depends on the caller.
         *        Keep it out of logs and exception messages.
         * @param request the request the login is performed for
         * @return The new Authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /**
     * Authentication Response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /**
     * An Authentication Challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /**
     * An Authentication Failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /**
     * A {@link ResponseSent} sub-state with no documentation in the original.
     * NOTE(review): presumably the response sent on successful authentication
     * (the redirect described on {@link ResponseSent}) - confirm.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     * It does not implement {@link User} and carries no identity.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non mandatory authentication when no
     * credentials are present to be checked. It does not implement
     * {@link User} and carries no identity.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. Its {@code toString()} yields {@code "CHALLENGE"}, not the
     * constant's name, which matters when matching on logged state.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. Its {@code toString()} yields {@code "FAILURE"}, not the
     * constant's name.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /**
     * Shared {@link SendSuccess} instance; it has no documentation in the
     * original. NOTE(review): presumably used once a success response has
     * been sent - confirm.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}