1 // 2 // ======================================================================== 3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. 4 // ------------------------------------------------------------------------ 5 // All rights reserved. This program and the accompanying materials 6 // are made available under the terms of the Eclipse Public License v1.0 7 // and Apache License v2.0 which accompanies this distribution. 8 // 9 // The Eclipse Public License is available at 10 // http://www.eclipse.org/legal/epl-v10.html 11 // 12 // The Apache License v2.0 is available at 13 // http://www.opensource.org/licenses/apache2.0.php 14 // 15 // You may elect to redistribute this code under either of these licenses. 16 // ======================================================================== 17 // 18 19 package org.eclipse.jetty.server; 20 21 import javax.servlet.ServletRequest; 22 import javax.servlet.ServletResponse; 23 import javax.servlet.http.HttpServletRequest; 24 import javax.servlet.http.HttpServletResponse; 25 26 27 /* ------------------------------------------------------------ */ 28 /** The Authentication state of a request. 29 * <p> 30 * The Authentication state can be one of several sub-types that 31 * reflects where the request is in the many different authentication 32 * cycles. Authentication might not yet be checked or it might be checked 33 * and failed, checked and deferred or succeeded. 34 * 35 */ 36 public interface Authentication 37 { 38 /* ------------------------------------------------------------ */ 39 /** A successful Authentication with User information. 40 */ 41 public interface User extends Authentication 42 { getAuthMethod()43 String getAuthMethod(); getUserIdentity()44 UserIdentity getUserIdentity(); isUserInRole(UserIdentity.Scope scope,String role)45 boolean isUserInRole(UserIdentity.Scope scope,String role); logout()46 void logout(); 47 } 48 49 /* ------------------------------------------------------------ */ 50 /** A wrapped authentication with methods provide the 51 * wrapped request/response for use by the application 52 */ 53 public interface Wrapped extends Authentication 54 { getHttpServletRequest()55 HttpServletRequest getHttpServletRequest(); getHttpServletResponse()56 HttpServletResponse getHttpServletResponse(); 57 } 58 59 /* ------------------------------------------------------------ */ 60 /** A deferred authentication with methods to progress 61 * the authentication process. 62 */ 63 public interface Deferred extends Authentication 64 { 65 /* ------------------------------------------------------------ */ 66 /** Authenticate if possible without sending a challenge. 67 * This is used to check credentials that have been sent for 68 * non-manditory authentication. 69 * @return The new Authentication state. 70 */ authenticate(ServletRequest request)71 Authentication authenticate(ServletRequest request); 72 73 /* ------------------------------------------------------------ */ 74 /** Authenticate and possibly send a challenge. 75 * This is used to initiate authentication for previously 76 * non-manditory authentication. 77 * @return The new Authentication state. 78 */ authenticate(ServletRequest request,ServletResponse response)79 Authentication authenticate(ServletRequest request,ServletResponse response); 80 81 82 /* ------------------------------------------------------------ */ 83 /** Login with the LOGIN authenticator 84 * @param username 85 * @param password 86 * @return The new Authentication state 87 */ login(String username,Object password,ServletRequest request)88 Authentication login(String username,Object password,ServletRequest request); 89 } 90 91 92 /* ------------------------------------------------------------ */ 93 /** Authentication Response sent state. 94 * Responses are sent by authenticators either to issue an 95 * authentication challenge or on successful authentication in 96 * order to redirect the user to the original URL. 97 */ 98 public interface ResponseSent extends Authentication 99 { 100 } 101 102 /* ------------------------------------------------------------ */ 103 /** An Authentication Challenge has been sent. 104 */ 105 public interface Challenge extends ResponseSent 106 { 107 } 108 109 /* ------------------------------------------------------------ */ 110 /** An Authentication Failure has been sent. 111 */ 112 public interface Failure extends ResponseSent 113 { 114 } 115 116 public interface SendSuccess extends ResponseSent 117 { 118 } 119 120 /* ------------------------------------------------------------ */ 121 /** Unauthenticated state. 122 * <p> 123 * This convenience instance is for non mandatory authentication where credentials 124 * have been presented and checked, but failed authentication. 125 */ 126 public final static Authentication UNAUTHENTICATED = new Authentication(){@Override 127 public String toString(){return "UNAUTHENTICATED";}}; 128 129 /* ------------------------------------------------------------ */ 130 /** Authentication not checked 131 * <p> 132 * This convenience instance us for non mandatory authentication when no 133 * credentials are present to be checked. 134 */ 135 public final static Authentication NOT_CHECKED = new Authentication(){@Override 136 public String toString(){return "NOT CHECKED";}}; 137 138 /* ------------------------------------------------------------ */ 139 /** Authentication challenge sent. 140 * <p> 141 * This convenience instance is for when an authentication challenge has been sent. 142 */ 143 public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override 144 public String toString(){return "CHALLENGE";}}; 145 146 /* ------------------------------------------------------------ */ 147 /** Authentication failure sent. 148 * <p> 149 * This convenience instance is for when an authentication failure has been sent. 150 */ 151 public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override 152 public String toString(){return "FAILURE";}}; 153 public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override 154 public String toString(){return "SEND_SUCCESS";}}; 155 } 156