View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.server;
20  
21  import javax.servlet.ServletRequest;
22  import javax.servlet.ServletResponse;
23  import javax.servlet.http.HttpServletRequest;
24  import javax.servlet.http.HttpServletResponse;
25  
26  
27  /* ------------------------------------------------------------ */
28  /** The Authentication state of a request.
29   * <p>
30   * The Authentication state can be one of several sub-types that
31   * reflects where the request is in the many different authentication
32   * cycles. Authentication might not yet be checked or it might be checked
33   * and failed, checked and deferred or succeeded. 
34   * 
35   */
36  public interface Authentication
37  {
38      /* ------------------------------------------------------------ */
39      /** A successful Authentication with User information.
40       */
41      public interface User extends Authentication
42      {
43          String getAuthMethod();
44          UserIdentity getUserIdentity(); 
45          boolean isUserInRole(UserIdentity.Scope scope,String role);
46          void logout();
47      }
48      
49      /* ------------------------------------------------------------ */
50      /** A wrapped authentication with methods provide the
51       * wrapped request/response for use by the application
52       */
53      public interface Wrapped extends Authentication
54      {
55          HttpServletRequest getHttpServletRequest();
56          HttpServletResponse getHttpServletResponse();
57      }
58      
59      /* ------------------------------------------------------------ */
60      /** A deferred authentication with methods to progress 
61       * the authentication process.
62       */
63      public interface Deferred extends Authentication
64      {
65          /* ------------------------------------------------------------ */
66          /** Authenticate if possible without sending a challenge.
67           * This is used to check credentials that have been sent for 
68           * non-manditory authentication.
69           * @return The new Authentication state.
70           */
71          Authentication authenticate(ServletRequest request);
72  
73          /* ------------------------------------------------------------ */
74          /** Authenticate and possibly send a challenge.
75           * This is used to initiate authentication for previously 
76           * non-manditory authentication.
77           * @return The new Authentication state.
78           */
79          Authentication authenticate(ServletRequest request,ServletResponse response);
80          
81          
82          /* ------------------------------------------------------------ */
83          /** Login with the LOGIN authenticator
84           * @param username
85           * @param password
86           * @return The new Authentication state
87           */
88          Authentication login(String username,String password);
89      }
90  
91      
92      /* ------------------------------------------------------------ */
93      /** Authentication Response sent state.
94       * Responses are sent by authenticators either to issue an
95       * authentication challenge or on successful authentication in
96       * order to redirect the user to the original URL.
97       */
98      public interface ResponseSent extends Authentication
99      { 
100     }
101     
102     /* ------------------------------------------------------------ */
103     /** An Authentication Challenge has been sent.
104      */
105     public interface Challenge extends ResponseSent
106     { 
107     }
108 
109     /* ------------------------------------------------------------ */
110     /** An Authentication Failure has been sent.
111      */
112     public interface Failure extends ResponseSent
113     { 
114     }
115 
116     public interface SendSuccess extends ResponseSent
117     {
118     }
119 
120     /* ------------------------------------------------------------ */
121     /** Unauthenticated state.
122      * <p> 
123      * This convenience instance is for non mandatory authentication where credentials
124      * have been presented and checked, but failed authentication. 
125      */
126     public final static Authentication UNAUTHENTICATED = new Authentication(){@Override
127     public String toString(){return "UNAUTHENTICATED";}};
128 
129     /* ------------------------------------------------------------ */
130     /** Authentication not checked
131      * <p>
132      * This convenience instance us for non mandatory authentication when no 
133      * credentials are present to be checked.
134      */
135     public final static Authentication NOT_CHECKED = new Authentication(){@Override
136     public String toString(){return "NOT CHECKED";}};
137 
138     /* ------------------------------------------------------------ */
139     /** Authentication challenge sent.
140      * <p>
141      * This convenience instance is for when an authentication challenge has been sent.
142      */
143     public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override
144     public String toString(){return "CHALLENGE";}};
145 
146     /* ------------------------------------------------------------ */
147     /** Authentication failure sent.
148      * <p>
149      * This convenience instance is for when an authentication failure has been sent.
150      */
151     public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override
152     public String toString(){return "FAILURE";}};
153     public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override
154     public String toString(){return "SEND_SUCCESS";}};
155 }