1// 2// ======================================================================== 3// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. 4// ------------------------------------------------------------------------ 5// All rights reserved. This program and the accompanying materials 6// are made available under the terms of the Eclipse Public License v1.0 7// and Apache License v2.0 which accompanies this distribution. 8// 9// The Eclipse Public License is available at 10// http://www.eclipse.org/legal/epl-v10.html 11// 12// The Apache License v2.0 is available at 13// http://www.opensource.org/licenses/apache2.0.php 14// 15// You may elect to redistribute this code under either of these licenses. 16// ======================================================================== 17// 18 19package org.eclipse.jetty.security; 20 21import java.util.Set; 22 23import javax.servlet.ServletContext; 24import javax.servlet.ServletRequest; 25import javax.servlet.ServletResponse; 26 27import org.eclipse.jetty.server.Authentication; 28import org.eclipse.jetty.server.Authentication.User; 29import org.eclipse.jetty.server.Server; 30 31/** 32 * Authenticator Interface 33 * <p> 34 * An Authenticator is responsible for checking requests and sending 35 * response challenges in order to authenticate a request. 36 * Various types of {@link Authentication} are returned in order to 37 * signal the next step in authentication. 38 * 39 * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $ 40 */ 41public interface Authenticator 42{ 43 /* ------------------------------------------------------------ */ 44 /** 45 * Configure the Authenticator 46 * @param configuration 47 */ 48 void setConfiguration(AuthConfiguration configuration); 49 50 /* ------------------------------------------------------------ */ 51 /** 52 * @return The name of the authentication method 53 */ 54 String getAuthMethod(); 55 56 /* ------------------------------------------------------------ */ 57 /** Validate a response 58 * @param request The request 59 * @param response The response 60 * @param mandatory True if authentication is mandatory. 61 * @return An Authentication. If Authentication is successful, this will be a {@link org.eclipse.jetty.server.Authentication.User}. If a response has 62 * been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will 63 * implement {@link org.eclipse.jetty.server.Authentication.ResponseSent}. If Authentication is not manditory, then a 64 * {@link org.eclipse.jetty.server.Authentication.Deferred} may be returned. 65 * 66 * @throws ServerAuthException 67 */ 68 Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException; 69 70 /* ------------------------------------------------------------ */ 71 /** 72 * @param request 73 * @param response 74 * @param mandatory 75 * @param validatedUser 76 * @return true if response is secure 77 * @throws ServerAuthException 78 */ 79 boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException; 80 81 82 /* ------------------------------------------------------------ */ 83 /* ------------------------------------------------------------ */ 84 /* ------------------------------------------------------------ */ 85 /** 86 * Authenticator Configuration 87 */ 88 interface AuthConfiguration 89 { 90 String getAuthMethod(); 91 String getRealmName(); 92 93 /** Get a SecurityHandler init parameter 94 * @see SecurityHandler#getInitParameter(String) 95 * @param param parameter name 96 * @return Parameter value or null 97 */ 98 String getInitParameter(String param); 99 100 /* ------------------------------------------------------------ */ 101 /** Get a SecurityHandler init parameter names 102 * @see SecurityHandler#getInitParameterNames() 103 * @return Set of parameter names 104 */ 105 Set<String> getInitParameterNames(); 106 107 LoginService getLoginService(); 108 IdentityService getIdentityService(); 109 boolean isSessionRenewedOnAuthentication(); 110 } 111 112 /* ------------------------------------------------------------ */ 113 /* ------------------------------------------------------------ */ 114 /* ------------------------------------------------------------ */ 115 /** 116 * Authenticator Factory 117 */ 118 interface Factory 119 { 120 Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService); 121 } 122} 123