1. /*

  2.  * @(#)Authenticator.java	1.14 01/11/29

  3.  *

  4.  * Copyright 2002 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package java.net;

  9. 

  10. /**

  11.  * The class Authenticator represents an object that knows how to obtain

  12.  * authentication for a network connection.  Usually, it will do this

  13.  * by prompting the user for information.

  14.  * <p>

  15.  * Applications use this class by creating a subclass, and registering

  16.  * an instance of that subclass with the system with setDefault().

  17.  * When authentication is required, the system will invoke a method

  18.  * on the subclass (like getPasswordAuthentication).  The subclass's

  19.  * method can query about the authentication being requested with a

  20.  * number of inherited methods (getRequestingXXX()), and form an

  21.  * appropriate message for the user.

  22.  * <p>

  23.  * All methods that request authentication have a default implementation

  24.  * that fails.

  25.  *

  26.  * @see java.net.Authenticator.setDefault(java.net.ConnectionAuthenticator)

  27.  * @see java.net.getPasswordAuthentication()

  28.  *

  29.  * @author  Bill Foote

  30.  * @version 1.14, 11/29/01

  31.  * @since   JDK1.2

  32.  */

  33. 

  34. // There are no abstract methods, but to be useful the user must

  35. // subclass.

  36. public abstract 

  37. class Authenticator {

  38. 

  39.     // The system-wide authenticator object.  See setDefault().

  40.     private static Authenticator theAuthenticator;

  41. 

  42.     private InetAddress requestingSite;

  43.     private int requestingPort;

  44.     private String requestingProtocol;

  45.     private String requestingPrompt;

  46.     private String requestingScheme;

  47. 

  48.     private void reset() {

  49. 	requestingSite = null;

  50. 	requestingPort = -1;

  51. 	requestingProtocol = null;

  52. 	requestingPrompt = null;

  53. 	requestingScheme = null;

  54.     }

  55. 

  56. 

  57.     /**

  58.      * Sets the authenticator that will be used by the networking code

  59.      * when a proxy or an HTTP server asks for authenticator.

  60.      * If an Authenticator has already been established

  61.      * as the current authenticator, no action will be taken.

  62.      * If the argument is <code>null</code> and no

  63.      * authenticator has been established, then no action is taken

  64.      * and the method simply returns.

  65.      * <p>

  66.      * First, if there is a security manager, its <code>checkPermission</code> 

  67.      * method is called with a 

  68.      * <code>NetPermission("setDefaultAuthenticator")</code> permission.

  69.      * This may result in a java.lang.SecurityException. 

  70.      * <p>

  71.      * Typically, this method will be called exactly once, at system startup.

  72.      *

  73.      * @param	a	The authenticator

  74.      *

  75.      * @throws SecurityException

  76.      *        if a security manager exists and its 

  77.      *        <code>checkPermission</code> method doesn't allow 

  78.      *        setting the default authenticator.

  79.      *

  80.      * @see SecurityManager#checkPermission

  81.      * @see java.net.NetPermission

  82.      */

  83.     public synchronized static void setDefault(Authenticator a) {

  84. 	NetPermission setDefaultPermission

  85. 	    = new NetPermission("setDefaultAuthenticator");

  86. 	SecurityManager sm = System.getSecurityManager();

  87. 	if (sm != null) sm.checkPermission(setDefaultPermission);

  88. 	if (theAuthenticator != null) {

  89. 	    return;

  90. 	}

  91. 	theAuthenticator = a;

  92.     }

  93. 

  94.     /**

  95.      * Ask the authenticator that has been registered with the system

  96.      * for a password.

  97.      * <p>

  98.      * First, if there is a security manager, its <code>checkPermission</code> 

  99.      * method is called with a 

  100.      * <code>NetPermission("requestPasswordAuthentication")</code> permission.

  101.      * This may result in a java.lang.SecurityException. 

  102.      *

  103.      * @param addr The InetAddress of the site requesting authorization,

  104.      *             or null if not known.

  105.      * @param port the port for the requested connection

  106.      * @param protocol The protocol that's requesting the connection

  107.      *          (@see java.net.Authenticator.getProtocol())

  108.      * @param prompt A prompt string for the user

  109.      * @param scheme The authentication scheme

  110.      *

  111.      * @return The username/password, or null if one can't be gotten.

  112.      *

  113.      * @throws SecurityException

  114.      *        if a security manager exists and its 

  115.      *        <code>checkPermission</code> method doesn't allow 

  116.      *        the password authentication request.

  117.      *

  118.      * @see SecurityManager#checkPermission

  119.      * @see java.net.NetPermission

  120.      */

  121.     public static PasswordAuthentication requestPasswordAuthentication(

  122. 					    InetAddress addr,

  123. 					    int port,

  124. 					    String protocol,

  125. 					    String prompt,

  126. 					    String scheme) {

  127. 

  128. 	NetPermission requestPermission

  129. 	    = new NetPermission("requestPasswordAuthentication");

  130. 	SecurityManager sm = System.getSecurityManager();

  131. 	if (sm != null) sm.checkPermission(requestPermission);

  132. 

  133. 	Authenticator a = theAuthenticator;

  134. 	if (a == null) {

  135. 	    return null;

  136. 	} else {

  137. 	    synchronized(a) {

  138. 		a.reset();

  139. 		a.requestingSite = addr;

  140. 		a.requestingPort = port;

  141. 		a.requestingProtocol = protocol;

  142. 		a.requestingPrompt = prompt;

  143. 		a.requestingScheme = scheme;

  144. 		return a.getPasswordAuthentication();

  145. 	    }

  146. 	}

  147.     }

  148. 

  149.     /**

  150.      * @return the InetAddress of the site requesting authorization, or null

  151.      *		if it's not available.

  152.      */

  153.     protected final InetAddress getRequestingSite() {

  154. 	return requestingSite;

  155.     }

  156. 

  157.     /**

  158.      * @return the port for the requested connection

  159.      */

  160.     protected final int getRequestingPort() {

  161. 	return requestingPort;

  162.     }

  163. 

  164.     /**

  165.      * Give the protocol that's requesting the connection.  Often this

  166.      * will be based on a URL, but in a future JDK it could be, for

  167.      * example, "SOCKS" for a password-protected SOCKS5 firewall.

  168.      *

  169.      * @return the protcol, optionally followed by "/version", where

  170.      *		version is a version number.

  171.      *

  172.      * @see java.net.URL.getProtocol()

  173.      */

  174.     protected final String getRequestingProtocol() {

  175. 	return requestingProtocol;

  176.     }

  177. 

  178.     /**

  179.      * @return the prompt string given by the requestor (realm for

  180.      *		http requests)

  181.      */

  182.     protected final String getRequestingPrompt() {

  183. 	return requestingPrompt;

  184.     }

  185. 

  186.     /**

  187.      * @return the scheme of the requestor (the HTTP scheme

  188.      *		for an HTTP firewall, for example)

  189.      */

  190.     protected final String getRequestingScheme() {

  191. 	return requestingScheme;

  192.     }

  193. 

  194.     /**

  195.      * Called when password authorization is needed.  Subclasses should

  196.      * override the default implementation, which returns null.

  197.      * @return The PasswordAuthentication collected from the

  198.      *		user, or null if none is provided.

  199.      */

  200.     protected PasswordAuthentication getPasswordAuthentication() {

  201. 	return null;

  202.     }

  203. 

  204. }