Jake Slack | 03928ae | 2014-05-13 18:41:56 -0700 | [diff] [blame] | 1 | // |
| 2 | // ======================================================================== |
| 3 | // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. |
| 4 | // ------------------------------------------------------------------------ |
| 5 | // All rights reserved. This program and the accompanying materials |
| 6 | // are made available under the terms of the Eclipse Public License v1.0 |
| 7 | // and Apache License v2.0 which accompanies this distribution. |
| 8 | // |
| 9 | // The Eclipse Public License is available at |
| 10 | // http://www.eclipse.org/legal/epl-v10.html |
| 11 | // |
| 12 | // The Apache License v2.0 is available at |
| 13 | // http://www.opensource.org/licenses/apache2.0.php |
| 14 | // |
| 15 | // You may elect to redistribute this code under either of these licenses. |
| 16 | // ======================================================================== |
| 17 | // |
| 18 | |
| 19 | package org.eclipse.jetty.security; |
| 20 | |
| 21 | import java.util.Set; |
| 22 | |
| 23 | import javax.servlet.ServletContext; |
| 24 | import javax.servlet.ServletRequest; |
| 25 | import javax.servlet.ServletResponse; |
| 26 | |
| 27 | import org.eclipse.jetty.server.Authentication; |
| 28 | import org.eclipse.jetty.server.Authentication.User; |
| 29 | import org.eclipse.jetty.server.Server; |
| 30 | |
| 31 | /** |
| 32 | * Authenticator Interface |
| 33 | * <p> |
| 34 | * An Authenticator is responsible for checking requests and sending |
| 35 | * response challenges in order to authenticate a request. |
| 36 | * Various types of {@link Authentication} are returned in order to |
| 37 | * signal the next step in authentication. |
| 38 | * |
| 39 | * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $ |
| 40 | */ |
| 41 | public interface Authenticator |
| 42 | { |
| 43 | /* ------------------------------------------------------------ */ |
| 44 | /** |
| 45 | * Configure the Authenticator |
| 46 | * @param configuration |
| 47 | */ |
| 48 | void setConfiguration(AuthConfiguration configuration); |
| 49 | |
| 50 | /* ------------------------------------------------------------ */ |
| 51 | /** |
| 52 | * @return The name of the authentication method |
| 53 | */ |
| 54 | String getAuthMethod(); |
| 55 | |
| 56 | /* ------------------------------------------------------------ */ |
| 57 | /** Validate a response |
| 58 | * @param request The request |
| 59 | * @param response The response |
| 60 | * @param mandatory True if authentication is mandatory. |
| 61 | * @return An Authentication. If Authentication is successful, this will be a {@link org.eclipse.jetty.server.Authentication.User}. If a response has |
| 62 | * been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will |
| 63 | * implement {@link org.eclipse.jetty.server.Authentication.ResponseSent}. If Authentication is not manditory, then a |
| 64 | * {@link org.eclipse.jetty.server.Authentication.Deferred} may be returned. |
| 65 | * |
| 66 | * @throws ServerAuthException |
| 67 | */ |
| 68 | Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException; |
| 69 | |
| 70 | /* ------------------------------------------------------------ */ |
| 71 | /** |
| 72 | * @param request |
| 73 | * @param response |
| 74 | * @param mandatory |
| 75 | * @param validatedUser |
| 76 | * @return true if response is secure |
| 77 | * @throws ServerAuthException |
| 78 | */ |
| 79 | boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException; |
| 80 | |
| 81 | |
| 82 | /* ------------------------------------------------------------ */ |
| 83 | /* ------------------------------------------------------------ */ |
| 84 | /* ------------------------------------------------------------ */ |
| 85 | /** |
| 86 | * Authenticator Configuration |
| 87 | */ |
| 88 | interface AuthConfiguration |
| 89 | { |
| 90 | String getAuthMethod(); |
| 91 | String getRealmName(); |
| 92 | |
| 93 | /** Get a SecurityHandler init parameter |
| 94 | * @see SecurityHandler#getInitParameter(String) |
| 95 | * @param param parameter name |
| 96 | * @return Parameter value or null |
| 97 | */ |
| 98 | String getInitParameter(String param); |
| 99 | |
| 100 | /* ------------------------------------------------------------ */ |
| 101 | /** Get a SecurityHandler init parameter names |
| 102 | * @see SecurityHandler#getInitParameterNames() |
| 103 | * @return Set of parameter names |
| 104 | */ |
| 105 | Set<String> getInitParameterNames(); |
| 106 | |
| 107 | LoginService getLoginService(); |
| 108 | IdentityService getIdentityService(); |
| 109 | boolean isSessionRenewedOnAuthentication(); |
| 110 | } |
| 111 | |
| 112 | /* ------------------------------------------------------------ */ |
| 113 | /* ------------------------------------------------------------ */ |
| 114 | /* ------------------------------------------------------------ */ |
| 115 | /** |
| 116 | * Authenticator Factory |
| 117 | */ |
| 118 | interface Factory |
| 119 | { |
| 120 | Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService); |
| 121 | } |
| 122 | } |