1 //
2 //  ========================================================================
3 //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 //  ------------------------------------------------------------------------
5 //  All rights reserved. This program and the accompanying materials
6 //  are made available under the terms of the Eclipse Public License v1.0
7 //  and Apache License v2.0 which accompanies this distribution.
8 //
9 //      The Eclipse Public License is available at
10 //      http://www.eclipse.org/legal/epl-v10.html
11 //
12 //      The Apache License v2.0 is available at
13 //      http://www.opensource.org/licenses/apache2.0.php
14 //
15 //  You may elect to redistribute this code under either of these licenses.
16 //  ========================================================================
17 //
18 
19 package org.eclipse.jetty.security;
20 
21 import java.util.Set;
22 
23 import javax.servlet.ServletContext;
24 import javax.servlet.ServletRequest;
25 import javax.servlet.ServletResponse;
26 
27 import org.eclipse.jetty.server.Authentication;
28 import org.eclipse.jetty.server.Authentication.User;
29 import org.eclipse.jetty.server.Server;
30 
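/**
 * Authenticator Interface
 * <p>
 * An Authenticator is responsible for checking requests and sending
 * response challenges in order to authenticate a request.
 * Various types of {@link Authentication} are returned in order to
 * signal the next step in authentication.
 * <p>
 * The returned type is the access decision input: per the contract of
 * {@link #validateRequest(ServletRequest, ServletResponse, boolean)}, a
 * successful authentication is reported as a {@link User}. Callers should
 * not treat any other result type as proof of identity.
 *
 * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
 */
public interface Authenticator
{
    /* ------------------------------------------------------------ */
    /**
     * Configure the Authenticator
     * @param configuration The configuration to apply; it exposes the auth method,
     * realm name, init parameters, {@link LoginService}, {@link IdentityService}
     * and the session renewal setting (see {@link AuthConfiguration}).
     */
    void setConfiguration(AuthConfiguration configuration);

    /* ------------------------------------------------------------ */
    /**
     * @return The name of the authentication method
     */
    String getAuthMethod();

    /* ------------------------------------------------------------ */
    /** Validate a request
     * @param request The request
     * @param response The response
     * @param mandatory True if authentication is mandatory.
     * @return An Authentication.  If Authentication is successful, this will be a {@link org.eclipse.jetty.server.Authentication.User}. If a response has
     * been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will
     * implement {@link org.eclipse.jetty.server.Authentication.ResponseSent}.  If Authentication is not mandatory, then a
     * {@link org.eclipse.jetty.server.Authentication.Deferred} may be returned.
     * A {@code ResponseSent} result does not by itself indicate success or failure, so callers
     * must check for {@code User} before granting access. A {@code Deferred} result presumably
     * means no identity has been established yet (NOTE(review): confirm against the caller).
     *
     * @throws ServerAuthException if the request cannot be validated
     * (NOTE(review): exact failure conditions are implementation specific)
     */
    Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException;

    /* ------------------------------------------------------------ */
    /**
     * Secure the response.
     * @param request The request
     * @param response The response
     * @param mandatory Presumably true if authentication is mandatory, as for
     * {@link #validateRequest(ServletRequest, ServletResponse, boolean)} (NOTE(review): confirm)
     * @param validatedUser The validated user; presumably the {@link User} produced by
     * request validation, and possibly null when no user was validated
     * (NOTE(review): confirm null handling against the caller)
     * @return true if response is secure
     * @throws ServerAuthException if the response cannot be secured
     * (NOTE(review): exact failure conditions are implementation specific)
     */
    boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException;


    /* ------------------------------------------------------------ */
    /* ------------------------------------------------------------ */
    /* ------------------------------------------------------------ */
    /**
     * Authenticator Configuration
     * <p>
     * Read-only view of the settings an {@link Authenticator} receives through
     * {@link Authenticator#setConfiguration(AuthConfiguration)}.
     */
    interface AuthConfiguration
    {
        /**
         * @return The configured authentication method name
         */
        String getAuthMethod();

        /**
         * @return The configured realm name
         */
        String getRealmName();

        /** Get a SecurityHandler init parameter
         * @see SecurityHandler#getInitParameter(String)
         * @param param parameter name
         * @return Parameter value or null
         */
        String getInitParameter(String param);

        /* ------------------------------------------------------------ */
        /** Get the SecurityHandler init parameter names
         * @see SecurityHandler#getInitParameterNames()
         * @return Set of parameter names
         */
        Set<String> getInitParameterNames();

        /**
         * @return The {@link LoginService} of this configuration
         */
        LoginService getLoginService();

        /**
         * @return The {@link IdentityService} of this configuration
         */
        IdentityService getIdentityService();

        /**
         * Renewing the session when a user authenticates prevents a session
         * identifier that was known before login from carrying the authenticated
         * state (session fixation). Implementations that bind authentication to
         * an HTTP session should honour this setting.
         * @return true if the session is to be renewed on authentication
         */
        boolean isSessionRenewedOnAuthentication();
    }

    /* ------------------------------------------------------------ */
    /* ------------------------------------------------------------ */
    /* ------------------------------------------------------------ */
    /**
     * Authenticator Factory
     */
    interface Factory
    {
        /**
         * Obtain an Authenticator for a context.
         * The identity and login services are passed explicitly even though
         * {@link AuthConfiguration} also exposes them; which source an
         * implementation should prefer is not specified here.
         * @param server The server
         * @param context The servlet context
         * @param configuration The authenticator configuration
         * @param identityService The identity service
         * @param loginService The login service
         * @return An Authenticator (NOTE(review): whether null may be returned for an
         * unsupported auth method is not stated here; callers should confirm and
         * treat a missing Authenticator as a configuration failure rather than as
         * "no authentication required")
         */
        Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService);
    }
}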