changeset 815:07c82fabc46b

remove Authentication
author Franklin Schmidt <fschmidt@gmail.com>
date Fri, 09 Sep 2016 14:27:05 -0600
parents 95cbe23a96fb
children 01803b98f279
files src/org/eclipse/jetty/server/Authentication.java src/org/eclipse/jetty/server/NCSARequestLog.java src/org/eclipse/jetty/server/Request.java
diffstat 3 files changed, 3 insertions(+), 210 deletions(-) [+]
line wrap: on
line diff
--- a/src/org/eclipse/jetty/server/Authentication.java	Fri Sep 09 10:37:37 2016 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,153 +0,0 @@
-//
-//  ========================================================================
-//  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
-//  ------------------------------------------------------------------------
-//  All rights reserved. This program and the accompanying materials
-//  are made available under the terms of the Eclipse Public License v1.0
-//  and Apache License v2.0 which accompanies this distribution.
-//
-//      The Eclipse Public License is available at
-//      http://www.eclipse.org/legal/epl-v10.html
-//
-//      The Apache License v2.0 is available at
-//      http://www.opensource.org/licenses/apache2.0.php
-//
-//  You may elect to redistribute this code under either of these licenses.
-//  ========================================================================
-//
-
-package org.eclipse.jetty.server;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-
-/* ------------------------------------------------------------ */
-/** The Authentication state of a request.
- * <p>
- * The Authentication state can be one of several sub-types that
- * reflects where the request is in the many different authentication
- * cycles. Authentication might not yet be checked or it might be checked
- * and failed, checked and deferred or succeeded. 
- * 
- */
-public interface Authentication
-{
-	/* ------------------------------------------------------------ */
-	/** A successful Authentication with User information.
-	 */
-	public interface User extends Authentication
-	{
-		String getAuthMethod();
-		void logout();
-	}
-	
-	/* ------------------------------------------------------------ */
-	/** A wrapped authentication with methods provide the
-	 * wrapped request/response for use by the application
-	 */
-	public interface Wrapped extends Authentication
-	{
-		HttpServletRequest getHttpServletRequest();
-		HttpServletResponse getHttpServletResponse();
-	}
-	
-	/* ------------------------------------------------------------ */
-	/** A deferred authentication with methods to progress 
-	 * the authentication process.
-	 */
-	public interface Deferred extends Authentication
-	{
-		/* ------------------------------------------------------------ */
-		/** Authenticate if possible without sending a challenge.
-		 * This is used to check credentials that have been sent for 
-		 * non-manditory authentication.
-		 * @return The new Authentication state.
-		 */
-		Authentication authenticate(ServletRequest request);
-
-		/* ------------------------------------------------------------ */
-		/** Authenticate and possibly send a challenge.
-		 * This is used to initiate authentication for previously 
-		 * non-manditory authentication.
-		 * @return The new Authentication state.
-		 */
-		Authentication authenticate(ServletRequest request,ServletResponse response);
-		
-		
-		/* ------------------------------------------------------------ */
-		/** Login with the LOGIN authenticator
-		 * @param username
-		 * @param password
-		 * @return The new Authentication state
-		 */
-		Authentication login(String username,Object password,ServletRequest request);
-	}
-
-	
-	/* ------------------------------------------------------------ */
-	/** Authentication Response sent state.
-	 * Responses are sent by authenticators either to issue an
-	 * authentication challenge or on successful authentication in
-	 * order to redirect the user to the original URL.
-	 */
-	public interface ResponseSent extends Authentication
-	{ 
-	}
-	
-	/* ------------------------------------------------------------ */
-	/** An Authentication Challenge has been sent.
-	 */
-	public interface Challenge extends ResponseSent
-	{ 
-	}
-
-	/* ------------------------------------------------------------ */
-	/** An Authentication Failure has been sent.
-	 */
-	public interface Failure extends ResponseSent
-	{ 
-	}
-
-	public interface SendSuccess extends ResponseSent
-	{
-	}
-
-	/* ------------------------------------------------------------ */
-	/** Unauthenticated state.
-	 * <p> 
-	 * This convenience instance is for non mandatory authentication where credentials
-	 * have been presented and checked, but failed authentication. 
-	 */
-	public final static Authentication UNAUTHENTICATED = new Authentication(){@Override
-	public String toString(){return "UNAUTHENTICATED";}};
-
-	/* ------------------------------------------------------------ */
-	/** Authentication not checked
-	 * <p>
-	 * This convenience instance us for non mandatory authentication when no 
-	 * credentials are present to be checked.
-	 */
-	public final static Authentication NOT_CHECKED = new Authentication(){@Override
-	public String toString(){return "NOT CHECKED";}};
-
-	/* ------------------------------------------------------------ */
-	/** Authentication challenge sent.
-	 * <p>
-	 * This convenience instance is for when an authentication challenge has been sent.
-	 */
-	public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override
-	public String toString(){return "CHALLENGE";}};
-
-	/* ------------------------------------------------------------ */
-	/** Authentication failure sent.
-	 * <p>
-	 * This convenience instance is for when an authentication failure has been sent.
-	 */
-	public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override
-	public String toString(){return "FAILURE";}};
-	public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override
-	public String toString(){return "SEND_SUCCESS";}};
-}
--- a/src/org/eclipse/jetty/server/NCSARequestLog.java	Fri Sep 09 10:37:37 2016 -0600
+++ b/src/org/eclipse/jetty/server/NCSARequestLog.java	Fri Sep 09 14:27:05 2016 -0600
@@ -489,8 +489,6 @@
 
 			buf.append(addr);
 			buf.append(" - ");
-			Authentication authentication=request.getAuthentication();
-			buf.append(" - ");
 
 			buf.append(" [");
 			if (_logDateCache != null)
--- a/src/org/eclipse/jetty/server/Request.java	Fri Sep 09 10:37:37 2016 -0600
+++ b/src/org/eclipse/jetty/server/Request.java	Fri Sep 09 14:27:05 2016 -0600
@@ -180,7 +180,6 @@
 	protected final AsyncContinuation _async = new AsyncContinuation();
 	private boolean _asyncSupported = true;
 	private volatile Attributes _attributes;
-	private Authentication _authentication;
 	private MultiMap<String> _baseParameters;
 	private String _characterEncoding;
 	protected AbstractHttpConnection _connection;
@@ -457,27 +456,11 @@
 	}
 
 	/* ------------------------------------------------------------ */
-	/**
-	 * Get the authentication.
-	 *
-	 * @return the authentication
-	 */
-	public Authentication getAuthentication()
-	{
-		return _authentication;
-	}
-
-	/* ------------------------------------------------------------ */
 	/*
 	 * @see javax.servlet.http.HttpServletRequest#getAuthType()
 	 */
 	public String getAuthType()
 	{
-		if (_authentication instanceof Authentication.Deferred)
-			setAuthentication(((Authentication.Deferred)_authentication).authenticate(this));
-		
-		if (_authentication instanceof Authentication.User)
-			return ((Authentication.User)_authentication).getAuthMethod();
 		return null;
 	}
 
@@ -1277,9 +1260,6 @@
 	 */
 	public Principal getUserPrincipal()
 	{
-		if (_authentication instanceof Authentication.Deferred)
-			setAuthentication(((Authentication.Deferred)_authentication).authenticate(this));
-
 		return null;
 	}
 
@@ -1363,8 +1343,6 @@
 	 */
 	public boolean isUserInRole(String role)
 	{
-		if (_authentication instanceof Authentication.Deferred)
-			setAuthentication(((Authentication.Deferred)_authentication).authenticate(this));
 		return false;
 	}
 
@@ -1392,7 +1370,6 @@
 			}
 		}
 
-		setAuthentication(Authentication.NOT_CHECKED);
 		_async.recycle();
 		_asyncSupported = true;
 		_handled = false;
@@ -1564,18 +1541,6 @@
 	/* ------------------------------------------------------------ */
 
 	/* ------------------------------------------------------------ */
-	/**
-	 * Set the authentication.
-	 *
-	 * @param authentication
-	 *            the authentication to set
-	 */
-	public void setAuthentication(Authentication authentication)
-	{
-		_authentication = authentication;
-	}
-
-	/* ------------------------------------------------------------ */
 	/*
 	 * @see javax.servlet.ServletRequest#setCharacterEncoding(java.lang.String)
 	 */
@@ -1875,13 +1840,7 @@
 	/* ------------------------------------------------------------ */
 	public boolean authenticate(HttpServletResponse response) throws IOException, ServletException
 	{
-		if (_authentication instanceof Authentication.Deferred)
-		{
-			setAuthentication(((Authentication.Deferred)_authentication).authenticate(this,response));
-			return !(_authentication instanceof Authentication.ResponseSent);        
-		}
-		response.sendError(HttpStatus.UNAUTHORIZED_401);
-		return false;
+		throw new UnsupportedOperationException();
 	}
 
 	/* ------------------------------------------------------------ */
@@ -1949,24 +1908,13 @@
 	/* ------------------------------------------------------------ */
 	public void login(String username, String password) throws ServletException
 	{
-		if (_authentication instanceof Authentication.Deferred) 
-		{
-			_authentication=((Authentication.Deferred)_authentication).login(username,password,this);
-			if (_authentication == null)
-				throw new ServletException();
-		} 
-		else 
-		{
-			throw new ServletException("Authenticated as "+_authentication);
-		}
+		throw new UnsupportedOperationException();
 	}
 
 	/* ------------------------------------------------------------ */
 	public void logout() throws ServletException
 	{
-		if (_authentication instanceof Authentication.User)
-			((Authentication.User)_authentication).logout();
-		_authentication=Authentication.UNAUTHENTICATED;
+		throw new UnsupportedOperationException();
 	}
 	
 	/* ------------------------------------------------------------ */