View Javadoc
1   /**
2    * Waffle (https://github.com/dblock/waffle)
3    *
4    * Copyright (c) 2010 - 2015 Application Security, Inc.
5    *
6    * All rights reserved. This program and the accompanying materials
7    * are made available under the terms of the Eclipse Public License v1.0
8    * which accompanies this distribution, and is available at
9    * http://www.eclipse.org/legal/epl-v10.html
10   *
11   * Contributors:
12   *     Application Security, Inc.
13   */
14  package waffle.servlet.spi;
15  
16  import java.io.IOException;
17  
18  import javax.servlet.http.HttpServletRequest;
19  import javax.servlet.http.HttpServletResponse;
20  
21  import waffle.windows.auth.IWindowsIdentity;
22  
23  /**
24   * A security filter provider.
25   * 
26   * @author dblock[at]dblock[dot]org
27   */
28  public interface SecurityFilterProvider {
29  
30      /**
31       * Add authentication method headers.
32       * 
33       * @param response
34       *            Http Response.
35       */
36      void sendUnauthorized(final HttpServletResponse response);
37  
38      /**
39       * Returns true if despite having a principal authentication needs to happen.
40       * 
41       * @param request
42       *            Http Request.
43       * @return True if authentication is required.
44       */
45      boolean isPrincipalException(final HttpServletRequest request);
46  
47      /**
48       * Execute filter.
49       * 
50       * @param request
51       *            Http Servlet Request.
52       * @param response
53       *            Http Servlet Response.
54       * @return A Windows identity in case authentication completed or NULL if not. Thrown exceptions should be caught
55       *         and processed as 401 Access Denied.
56       * @throws IOException
57       *             on doFilter.
58       */
59      IWindowsIdentity doFilter(final HttpServletRequest request, final HttpServletResponse response) throws IOException;
60  
61      /**
62       * Tests whether a specific security package is supported.
63       * 
64       * @param securityPackage
65       *            Security package.
66       * @return True if the security package is supported, false otherwise.
67       */
68      boolean isSecurityPackageSupported(final String securityPackage);
69  
70      /**
71       * Init a parameter.
72       * 
73       * @param parameterName
74       *            Parameter name.
75       * @param parameterValue
76       *            Parameter value.
77       */
78      void initParameter(final String parameterName, final String parameterValue);
79  }