001/* 002 * SonarQube 003 * Copyright (C) 2009-2016 SonarSource SA 004 * mailto:contact AT sonarsource DOT com 005 * 006 * This program is free software; you can redistribute it and/or 007 * modify it under the terms of the GNU Lesser General Public 008 * License as published by the Free Software Foundation; either 009 * version 3 of the License, or (at your option) any later version. 010 * 011 * This program is distributed in the hope that it will be useful, 012 * but WITHOUT ANY WARRANTY; without even the implied warranty of 013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014 * Lesser General Public License for more details. 015 * 016 * You should have received a copy of the GNU Lesser General Public License 017 * along with this program; if not, write to the Free Software Foundation, 018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 019 */ 020package org.sonar.api.security; 021 022import com.google.common.base.Preconditions; 023import org.sonar.api.ExtensionPoint; 024import org.sonar.api.server.ServerSide; 025 026import javax.annotation.Nullable; 027import javax.servlet.http.HttpServletRequest; 028 029/** 030 * @see SecurityRealm 031 * @since 3.1 032 */ 033@ServerSide 034@ExtensionPoint 035public abstract class Authenticator { 036 037 /** 038 * @return true if user was successfully authenticated with specified credentials, false otherwise 039 * @throws RuntimeException in case of unexpected error such as connection failure 040 */ 041 public abstract boolean doAuthenticate(Context context); 042 043 public static final class Context { 044 private String username; 045 private String password; 046 private HttpServletRequest request; 047 048 public Context(@Nullable String username, @Nullable String password, HttpServletRequest request) { 049 Preconditions.checkNotNull(request); 050 this.request = request; 051 this.username = username; 052 this.password = password; 053 } 054 055 /** 056 * Username can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>. 057 */ 058 public String getUsername() { 059 return username; 060 } 061 062 /** 063 * Password can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>. 064 */ 065 public String getPassword() { 066 return password; 067 } 068 069 public HttpServletRequest getRequest() { 070 return request; 071 } 072 } 073}