//
// ========================================================================
// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//

package org.eclipse.jetty.server;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * The Authentication state of a request.
 * <p>
 * The state is one of several sub-types that reflect where the request is in
 * the authentication cycle: authentication might not yet be checked, or it
 * might be checked and failed, checked and deferred, or succeeded.
 * <p>
 * Of the types declared here, only {@link User} exposes a
 * {@link UserIdentity}. The sentinel constants {@link #UNAUTHENTICATED} and
 * {@link #NOT_CHECKED}, and the {@link Deferred} and {@link ResponseSent}
 * states, carry no identity, so an access decision should test for
 * {@code User} explicitly rather than for "any non-null Authentication".
 */
public interface Authentication {

    /**
     * Exception type for a failed authentication. The message is handed
     * unchanged to {@link QuietServletException}.
     */
    // NOTE(review): where the message ends up (log, response) is decided by
    // code outside this file - keep credentials out of it.
    class Failed extends QuietServletException {
        /**
         * @param message description of the failure, passed to the superclass
         */
        public Failed(String message) {
            super(message);
        }
    }

    /**
     * A successful Authentication with User information.
     */
    interface User extends Authentication {
        /**
         * @return the authentication method as a string; the possible values
         *         are defined by implementations, not by this interface
         */
        String getAuthMethod();

        /**
         * @return the identity attached to this successful authentication
         */
        UserIdentity getUserIdentity();

        /**
         * Role check for this user.
         *
         * @param scope the scope passed to the implementation for the check
         * @param role  the role name to test
         * @return the implementation's answer to whether the user is in the role
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Logs this user out. What is invalidated (session state, cached
         * credentials) is up to the implementation and is not visible here.
         */
        void logout();
    }

    /**
     * A wrapped authentication, with methods that provide the wrapped
     * request/response for use by the application.
     */
    interface Wrapped extends Authentication {
        /** @return the wrapped request */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response */
        HttpServletResponse getHttpServletResponse();
    }

    /**
     * A deferred authentication, with methods to progress the authentication
     * process.
     * <p>
     * Every method returns the new state; callers need to inspect that return
     * value (for example, whether it is a {@link User}) instead of assuming
     * that the call succeeded.
     */
    interface Deferred extends Authentication {
        /**
         * Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request whose credentials are checked
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /**
         * Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         *
         * @param request  the request being authenticated
         * @param response the response on which a challenge may be sent
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /**
         * Login with the LOGIN authenticator.
         *
         * @param username the user name to log in
         * @param password the credential; declared as {@code Object}, so the
         *                 accepted concrete types depend on the implementation
         *                 (not visible in this file)
         * @param request  the request the login is performed for
         * @return The new Authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /**
     * Authentication Response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication {
    }

    /**
     * An Authentication Challenge has been sent.
     */
    interface Challenge extends ResponseSent {
    }

    /**
     * An Authentication Failure has been sent.
     */
    interface Failure extends ResponseSent {
    }

    /**
     * Marker sub-type of {@link ResponseSent}; the instance declared in this
     * file is {@link #SEND_SUCCESS}.
     */
    interface SendSuccess extends ResponseSent {
    }

    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     * It is a plain {@code Authentication}, not a {@link User}.
     */
    Authentication UNAUTHENTICATED = new Authentication() {
        @Override
        public String toString() {
            return "UNAUTHENTICATED";
        }
    };

    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked.
     * It is a plain {@code Authentication}, not a {@link User}.
     */
    Authentication NOT_CHECKED = new Authentication() {
        @Override
        public String toString() {
            return "NOT CHECKED";
        }
    };

    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. Its string form is {@code "CHALLENGE"}, which differs from
     * the constant's name - relevant when searching logs for this state.
     */
    Authentication SEND_CONTINUE = new Challenge() {
        @Override
        public String toString() {
            return "CHALLENGE";
        }
    };

    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. Its string form is {@code "FAILURE"}.
     */
    Authentication SEND_FAILURE = new Failure() {
        @Override
        public String toString() {
            return "FAILURE";
        }
    };

    /**
     * Convenience instance of {@link SendSuccess}, a {@link ResponseSent}
     * state. Its string form is {@code "SEND_SUCCESS"}.
     */
    Authentication SEND_SUCCESS = new SendSuccess() {
        @Override
        public String toString() {
            return "SEND_SUCCESS";
        }
    };
}