// ========================================================================
// Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
package org.eclipse.jetty.server;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/* ------------------------------------------------------------ */
/** The Authentication state of a request.
* <p>
* The Authentication state can be one of several sub-types that
* reflects where the request is in the many different authentication
* cycles. Authentication might not yet be checked or it might be checked
* and failed, checked and deferred or succeeded.
*
*/
public interface Authentication
{
/* ------------------------------------------------------------ */
/** A successful Authentication with User information.
*/
public interface User extends Authentication
{
String getAuthMethod();
UserIdentity getUserIdentity();
boolean isUserInRole(UserIdentity.Scope scope,String role);
void logout();
}
/* ------------------------------------------------------------ */
/** A wrapped authentication with methods provide the
* wrapped request/response for use by the application
*/
public interface Wrapped extends Authentication
{
HttpServletRequest getHttpServletRequest();
HttpServletResponse getHttpServletResponse();
}
/* ------------------------------------------------------------ */
/** A deferred authentication with methods to progress
* the authentication process.
*/
public interface Deferred extends Authentication
{
/* ------------------------------------------------------------ */
/** Authenticate if possible without sending a challenge.
* This is used to check credentials that have been sent for
* non-manditory authentication.
* @return The new Authentication state.
*/
Authentication authenticate(ServletRequest request);
/* ------------------------------------------------------------ */
/** Authenticate and possibly send a challenge.
* This is used to initiate authentication for previously
* non-manditory authentication.
* @return The new Authentication state.
*/
Authentication authenticate(ServletRequest request,ServletResponse response);
/* ------------------------------------------------------------ */
/** Login with the LOGIN authenticator
* @param username
* @param password
* @return The new Authentication state
*/
Authentication login(String username,String password);
}
/* ------------------------------------------------------------ */
/** Authentication Response sent state.
* Responses are sent by authenticators either to issue an
* authentication challenge or on successful authentication in
* order to redirect the user to the original URL.
*/
public interface ResponseSent extends Authentication
{
}
/* ------------------------------------------------------------ */
/** An Authentication Challenge has been sent.
*/
public interface Challenge extends ResponseSent
{
}
/* ------------------------------------------------------------ */
/** An Authentication Failure has been sent.
*/
public interface Failure extends ResponseSent
{
}
public interface SendSuccess extends ResponseSent
{
}
/* ------------------------------------------------------------ */
/** Unauthenticated state.
* <p>
* This convenience instance is for non mandatory authentication where credentials
* have been presented and checked, but failed authentication.
*/
public final static Authentication UNAUTHENTICATED = new Authentication(){@Override
public String toString(){return "UNAUTHENTICATED";}};
/* ------------------------------------------------------------ */
/** Authentication not checked
* <p>
* This convenience instance us for non mandatory authentication when no
* credentials are present to be checked.
*/
public final static Authentication NOT_CHECKED = new Authentication(){@Override
public String toString(){return "NOT CHECKED";}};
/* ------------------------------------------------------------ */
/** Authentication challenge sent.
* <p>
* This convenience instance is for when an authentication challenge has been sent.
*/
public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override
public String toString(){return "CHALLENGE";}};
/* ------------------------------------------------------------ */
/** Authentication failure sent.
* <p>
* This convenience instance is for when an authentication failure has been sent.
*/
public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override
public String toString(){return "FAILURE";}};
public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override
public String toString(){return "SEND_SUCCESS";}};
}