001: /*
002: * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/java/org/apache/commons/httpclient/auth/AuthPolicy.java,v 1.6 2004/05/13 04:02:00 mbecke Exp $
003: * $Revision: 480424 $
004: * $Date: 2006-11-29 06:56:49 +0100 (Wed, 29 Nov 2006) $
005: *
006: * ====================================================================
007: *
008: * Licensed to the Apache Software Foundation (ASF) under one or more
009: * contributor license agreements. See the NOTICE file distributed with
010: * this work for additional information regarding copyright ownership.
011: * The ASF licenses this file to You under the Apache License, Version 2.0
012: * (the "License"); you may not use this file except in compliance with
013: * the License. You may obtain a copy of the License at
014: *
015: * http://www.apache.org/licenses/LICENSE-2.0
016: *
017: * Unless required by applicable law or agreed to in writing, software
018: * distributed under the License is distributed on an "AS IS" BASIS,
019: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
020: * See the License for the specific language governing permissions and
021: * limitations under the License.
022: * ====================================================================
023: *
024: * This software consists of voluntary contributions made by many
025: * individuals on behalf of the Apache Software Foundation. For more
026: * information on the Apache Software Foundation, please see
027: * <http://www.apache.org/>.
028: *
029: */
030:
031: package org.apache.commons.httpclient.auth;
032:
033: import java.util.ArrayList;
034: import java.util.HashMap;
035: import java.util.List;
036:
037: import org.apache.commons.logging.Log;
038: import org.apache.commons.logging.LogFactory;
039:
040: /**
041: * Authentication policy class. The authentication policy provides the
042: * authentication scheme interface corresponding to a given type of authorization challenge.
043: * <p>The following specifications are provided:
044: * <ul>
045: * <li><tt>Basic</tt>: Basic authentication scheme as defined in RFC2617
046: * (considered inherently insecure, but most widely supported)
047: * <li><tt>Digest</tt>: Digest authentication scheme as defined in RFC2617
048: * <li><tt>NTLM</tt>: The NTLM scheme is a proprietary Microsoft Windows
049: * Authentication protocol (considered, when this class was written, to be the
050: * most secure among the authentication schemes supported at that time)
051: * </ul>
052: *
053: * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
054: *
055: * @version $Revision: 480424 $
056: * @since 3.0
057: */
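public abstract class AuthPolicy {

    /** Maps a lower-cased scheme ID to the class registered as its implementation. */
    private static final HashMap SCHEMES = new HashMap();

    /**
     * Lower-cased scheme IDs in registration order. A copy of this list is what
     * {@link #getDefaultAuthPrefs()} hands out as the default preference order.
     */
    private static final ArrayList SCHEME_LIST = new ArrayList();

    /**
     * The key used to look up the list of IDs of supported {@link AuthScheme
     * authentication schemes} in their order of preference. The scheme IDs are
     * stored in a {@link java.util.Collection} as {@link java.lang.String}s.
     *
     * <p>
     * If several schemes are returned in the <tt>WWW-Authenticate</tt>
     * or <tt>Proxy-Authenticate</tt> header, this parameter defines which
     * {@link AuthScheme authentication scheme} takes precedence over the others.
     * The first item in the collection represents the most preferred
     * {@link AuthScheme authentication scheme}, the last item represents the ID
     * of the least preferred one.
     * </p>
     *
     * <p>
     * Because the server chooses which schemes it offers, this ordering is the
     * client-side control over which of the offered schemes is used. Leaving a
     * scheme out of a custom list is the way to refuse it.
     * </p>
     *
     * @see org.apache.commons.httpclient.params.DefaultHttpParams
     */
    public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority";

    /**
     * The NTLM scheme is a proprietary Microsoft Windows Authentication
     * protocol. It was considered the most secure of the three schemes
     * registered here when this class was written; that ranking is relative to
     * Basic and Digest only and should be re-assessed for current deployments.
     */
    public static final String NTLM = "NTLM";

    /**
     * Digest authentication scheme as defined in RFC2617.
     */
    public static final String DIGEST = "Digest";

    /**
     * Basic authentication scheme as defined in RFC2617 (considered inherently
     * insecure, but most widely supported). Basic transmits the credentials in a
     * trivially reversible encoding, so it should only be used over an encrypted
     * transport.
     */
    public static final String BASIC = "Basic";

    static {
        // Registration order defines the default preference order returned by
        // getDefaultAuthPrefs(): NTLM first, then Digest, then Basic.
        // LOG is declared after this block and is therefore still null while it
        // runs, so registerAuthScheme must not log.
        AuthPolicy.registerAuthScheme(NTLM, NTLMScheme.class);
        AuthPolicy.registerAuthScheme(DIGEST, DigestScheme.class);
        AuthPolicy.registerAuthScheme(BASIC, BasicScheme.class);
    }

    /** Log object. */
    protected static final Log LOG = LogFactory
        .getLog(AuthPolicy.class);

    /**
     * Converts a scheme ID to the form used as registry key.
     *
     * <p>
     * A fixed locale is used so that the key does not depend on the JVM default
     * locale. With a locale-sensitive conversion (for example under a Turkish
     * default locale) an ID such as <tt>BASIC</tt> would not map to the key under
     * which <tt>Basic</tt> was registered.
     * </p>
     *
     * @param id the scheme ID, never <tt>null</tt>
     * @return the lower-cased ID
     */
    private static String normalizeId(final String id) {
        return id.toLowerCase(java.util.Locale.ENGLISH);
    }

    /**
     * Registers a class implementing an {@link AuthScheme authentication scheme} with
     * the given identifier. If a class with the given ID already exists it will be overridden;
     * the ID then keeps its existing position in the default preference order and is not
     * listed a second time. This ID is the same one used to retrieve the
     * {@link AuthScheme authentication scheme} from {@link #getAuthScheme(String)}.
     * IDs are matched case-insensitively.
     *
     * <p>
     * Please note that custom authentication preferences, if used, need to be updated accordingly
     * for the new {@link AuthScheme authentication scheme} to take effect.
     * </p>
     *
     * <p>
     * The registry is static and this method is public, so a registration applies to every
     * user of this class within the same class loader and can replace a built-in scheme.
     * The class is not checked here: {@link #getAuthScheme(String)} instantiates it through
     * its no-argument constructor and casts it to {@link AuthScheme}, and reports a class
     * that cannot be used that way with an {@link IllegalStateException}.
     * </p>
     *
     * @param id the identifier for this scheme
     * @param clazz the class to register
     *
     * @throws IllegalArgumentException if <tt>id</tt> or <tt>clazz</tt> is <tt>null</tt>
     *
     * @see #getAuthScheme(String)
     * @see #AUTH_SCHEME_PRIORITY
     */
    public static synchronized void registerAuthScheme(final String id,
        Class clazz) {
        if (id == null) {
            throw new IllegalArgumentException("Id may not be null");
        }
        if (clazz == null) {
            throw new IllegalArgumentException(
                "Authentication scheme class may not be null");
        }
        final String key = normalizeId(id);
        SCHEMES.put(key, clazz);
        // Re-registering an ID must not produce a second list entry: a later
        // unregisterAuthScheme removes only one entry, and the leftover would
        // advertise a scheme that getAuthScheme can no longer resolve.
        if (!SCHEME_LIST.contains(key)) {
            SCHEME_LIST.add(key);
        }
    }

    /**
     * Unregisters the class implementing an {@link AuthScheme authentication scheme} with
     * the given ID. The ID is also removed from the default preference order. Unregistering
     * an ID that is not registered has no effect.
     *
     * @param id the ID of the class to unregister
     *
     * @throws IllegalArgumentException if <tt>id</tt> is <tt>null</tt>
     */
    public static synchronized void unregisterAuthScheme(final String id) {
        if (id == null) {
            throw new IllegalArgumentException("Id may not be null");
        }
        final String key = normalizeId(id);
        SCHEMES.remove(key);
        SCHEME_LIST.remove(key);
    }

    /**
     * Gets the {@link AuthScheme authentication scheme} with the given ID. A new instance
     * of the registered class is created on every call.
     *
     * @param id the {@link AuthScheme authentication scheme} ID, matched case-insensitively
     *
     * @return {@link AuthScheme authentication scheme}
     *
     * @throws IllegalArgumentException if <tt>id</tt> is <tt>null</tt>
     * @throws IllegalStateException if a scheme with the ID cannot be found, or if the
     *         registered class cannot be instantiated or is not an {@link AuthScheme}
     */
    public static synchronized AuthScheme getAuthScheme(final String id)
        throws IllegalStateException {

        if (id == null) {
            throw new IllegalArgumentException("Id may not be null");
        }
        final Class clazz = (Class) SCHEMES.get(normalizeId(id));
        if (clazz == null) {
            throw new IllegalStateException(
                "Unsupported authentication scheme " + id);
        }
        try {
            return (AuthScheme) clazz.newInstance();
        } catch (Exception e) {
            // NOTE(review): id is written to the log and the exception message
            // verbatim; if callers pass a value taken from a server challenge
            // header, it is remote-controlled text. Confirm against the callers.
            LOG.error("Error initializing authentication scheme: "
                + id, e);
            final IllegalStateException failure = new IllegalStateException(id
                + " authentication scheme implemented by "
                + clazz.getName() + " could not be initialized");
            // Keep the root cause on the exception as well as in the log.
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Returns a list containing the IDs of all registered {@link AuthScheme authentication
     * schemes} in their default order, which is the order of registration.
     *
     * @return a new list of lower-cased scheme IDs as {@link java.lang.String}s; changes to
     *         the returned list do not affect the registry
     */
    public static synchronized List getDefaultAuthPrefs() {
        return (List) SCHEME_LIST.clone();
    }
}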