001    /*
002     * SonarQube, open source software quality management tool.
003     * Copyright (C) 2008-2014 SonarSource
004     * mailto:contact AT sonarsource DOT com
005     *
006     * SonarQube is free software; you can redistribute it and/or
007     * modify it under the terms of the GNU Lesser General Public
008     * License as published by the Free Software Foundation; either
009     * version 3 of the License, or (at your option) any later version.
010     *
011     * SonarQube is distributed in the hope that it will be useful,
012     * but WITHOUT ANY WARRANTY; without even the implied warranty of
013     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014     * Lesser General Public License for more details.
015     *
016     * You should have received a copy of the GNU Lesser General Public License
017     * along with this program; if not, write to the Free Software Foundation,
018     * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019     */
020    package org.sonar.api.security;
021    
022    import com.google.common.base.Preconditions;
023    import org.sonar.api.ServerExtension;
024    
025    import javax.annotation.Nullable;
026    import javax.servlet.http.HttpServletRequest;
027    
028    /**
029     * @see SecurityRealm
030     * @since 3.1
031     */
032    public abstract class Authenticator implements ServerExtension {
033    
034      /**
035       * @return true if user was successfully authenticated with specified credentials, false otherwise
036       * @throws RuntimeException in case of unexpected error such as connection failure
037       */
038      public abstract boolean doAuthenticate(Context context);
039    
040      public static final class Context {
041        private String username;
042        private String password;
043        private HttpServletRequest request;
044    
045        public Context(@Nullable String username, @Nullable String password, HttpServletRequest request) {
046          Preconditions.checkNotNull(request);
047          this.request = request;
048          this.username = username;
049          this.password = password;
050        }
051    
052        /**
053         * Username can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>.
054         */
055        public String getUsername() {
056          return username;
057        }
058    
059        /**
060         * Password can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>.
061         */
062        public String getPassword() {
063          return password;
064        }
065    
066        public HttpServletRequest getRequest() {
067          return request;
068        }
069      }
070    }