//
// ========================================================================
// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//

package org.eclipse.jetty.server;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/* ------------------------------------------------------------ */
/** The authentication state of a request.
 * <p>
 * The state is expressed as one of several sub-types, each reflecting
 * where the request currently is in an authentication cycle: not yet
 * checked, checked and failed, checked and deferred, or succeeded.
 * <p>
 * Of the sub-types declared here only {@link User} exposes a
 * {@link UserIdentity}; the other sub-types and the constant instances
 * declare no identity accessor. A non-null {@code Authentication} is
 * therefore not, on its own, evidence of a successful login.
 * NOTE(review): code making access decisions should presumably test for
 * {@link User} explicitly - confirm against the callers.
 */
public interface Authentication
{
    /* ------------------------------------------------------------ */
    /** A successful authentication, carrying user information.
     */
    public interface User extends Authentication
    {
        /**
         * @return the authentication method; presumably the name of the
         * mechanism that produced this state - confirm against implementations
         */
        String getAuthMethod();

        /**
         * @return the identity associated with this successful authentication
         */
        UserIdentity getUserIdentity();

        /**
         * @param scope the scope the role is evaluated in
         * @param role the role name to test
         * @return presumably true when the user holds the role in that scope;
         * the exact matching rules are decided by the implementation
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /**
         * Log the user out.
         * NOTE(review): what is invalidated (session, cached identity) is not
         * visible from this interface - confirm against implementations.
         */
        void logout();
    }

    /* ------------------------------------------------------------ */
    /** A wrapped authentication, whose methods provide the wrapped
     * request/response for use by the application.
     */
    public interface Wrapped extends Authentication
    {
        /**
         * @return the wrapped request to be used by the application
         */
        HttpServletRequest getHttpServletRequest();

        /**
         * @return the wrapped response to be used by the application
         */
        HttpServletResponse getHttpServletResponse();
    }

    /* ------------------------------------------------------------ */
    /** A deferred authentication, with methods to progress the
     * authentication process.
     */
    public interface Deferred extends Authentication
    {
        /* ------------------------------------------------------------ */
        /** Authenticate if possible without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         * @param request the request whose credentials are checked
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request);

        /* ------------------------------------------------------------ */
        /** Authenticate and possibly send a challenge.
         * This is used to initiate authentication for previously
         * non-mandatory authentication.
         * @param request the request being authenticated
         * @param response the response a challenge may be written to
         * @return The new Authentication state.
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /* ------------------------------------------------------------ */
        /** Login with the LOGIN authenticator.
         * @param username the name of the user to log in
         * @param password the credential; typed as {@code Object}, so its
         * concrete form is decided by the implementation.
         * NOTE(review): this is a secret - keep it out of logs and
         * exception messages.
         * @param request the request the login is performed for
         * @return The new Authentication state
         */
        Authentication login(String username, Object password, ServletRequest request);
    }

    /* ------------------------------------------------------------ */
    /** Authentication response sent state.
     * Responses are sent by authenticators either to issue an
     * authentication challenge or, on successful authentication, to
     * redirect the user to the original URL.
     */
    public interface ResponseSent extends Authentication
    {
    }

    /* ------------------------------------------------------------ */
    /** An authentication challenge has been sent.
     */
    public interface Challenge extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** An authentication failure has been sent.
     */
    public interface Failure extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** Marker for a sent response other than a challenge or a failure.
     * NOTE(review): presumably the response sent on successful
     * authentication - confirm against the authenticators that return it.
     */
    public interface SendSuccess extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /** Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed authentication.
     */
    public static final Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked.
     */
    public static final Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. Its string form is {@code "CHALLENGE"}, not the constant's name.
     */
    public static final Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /* ------------------------------------------------------------ */
    /** Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. Its string form is {@code "FAILURE"}, not the constant's name.
     */
    public static final Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /* ------------------------------------------------------------ */
    /** Convenience instance of {@link SendSuccess}.
     * NOTE(review): presumably returned once a response has been sent on
     * successful authentication - confirm against the authenticators.
     */
    public static final Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}