1. /*

  2.  * @(#)Authenticator.java	1.20 00/02/02

  3.  *

  4.  * Copyright 1997-2000 Sun Microsystems, Inc. All Rights Reserved.

  5.  * 

  6.  * This software is the proprietary information of Sun Microsystems, Inc.  

  7.  * Use is subject to license terms.

  8.  * 

  9.  */

  10. 

  11. package java.net;

  12. 

  13. /**

  14.  * The class Authenticator represents an object that knows how to obtain

  15.  * authentication for a network connection.  Usually, it will do this

  16.  * by prompting the user for information.

  17.  * <p>

  18.  * Applications use this class by creating a subclass, and registering

  19.  * an instance of that subclass with the system with setDefault().

  20.  * When authentication is required, the system will invoke a method

  21.  * on the subclass (like getPasswordAuthentication).  The subclass's

  22.  * method can query about the authentication being requested with a

  23.  * number of inherited methods (getRequestingXXX()), and form an

  24.  * appropriate message for the user.

  25.  * <p>

  26.  * All methods that request authentication have a default implementation

  27.  * that fails.

  28.  *

  29.  * @see java.net.Authenticator#setDefault(java.net.Authenticator)

  30.  * @see java.net.Authenticator#getPasswordAuthentication()

  31.  *

  32.  * @author  Bill Foote

  33.  * @version 1.20, 02/02/00

  34.  * @since   1.2

  35.  */

  36. 

  37. // There are no abstract methods, but to be useful the user must

  38. // subclass.

  39. public abstract 

  40. class Authenticator {

  41. 

  42.     // The system-wide authenticator object.  See setDefault().

  43.     private static Authenticator theAuthenticator;

  44. 

  45.     private InetAddress requestingSite;

  46.     private int requestingPort;

  47.     private String requestingProtocol;

  48.     private String requestingPrompt;

  49.     private String requestingScheme;

  50. 

  51.     private void reset() {

  52. 	requestingSite = null;

  53. 	requestingPort = -1;

  54. 	requestingProtocol = null;

  55. 	requestingPrompt = null;

  56. 	requestingScheme = null;

  57.     }

  58. 

  59. 

  60.     /**

  61.      * Sets the authenticator that will be used by the networking code

  62.      * when a proxy or an HTTP server asks for authenticator.

  63.      * If an Authenticator has already been established

  64.      * as the current authenticator, no action will be taken.

  65.      * If the argument is <code>null</code> and no

  66.      * authenticator has been established, then no action is taken

  67.      * and the method simply returns.

  68.      * <p>

  69.      * First, if there is a security manager, its <code>checkPermission</code> 

  70.      * method is called with a 

  71.      * <code>NetPermission("setDefaultAuthenticator")</code> permission.

  72.      * This may result in a java.lang.SecurityException. 

  73.      * <p>

  74.      * Typically, this method will be called exactly once, at system startup.

  75.      *

  76.      * @param	a	The authenticator

  77.      *

  78.      * @throws SecurityException

  79.      *        if a security manager exists and its 

  80.      *        <code>checkPermission</code> method doesn't allow 

  81.      *        setting the default authenticator.

  82.      *

  83.      * @see SecurityManager#checkPermission

  84.      * @see java.net.NetPermission

  85.      */

  86.     public synchronized static void setDefault(Authenticator a) {

  87. 	NetPermission setDefaultPermission

  88. 	    = new NetPermission("setDefaultAuthenticator");

  89. 	SecurityManager sm = System.getSecurityManager();

  90. 	if (sm != null) sm.checkPermission(setDefaultPermission);

  91. 	if (theAuthenticator != null) {

  92. 	    return;

  93. 	}

  94. 	theAuthenticator = a;

  95.     }

  96. 

  97.     /**

  98.      * Ask the authenticator that has been registered with the system

  99.      * for a password.

  100.      * <p>

  101.      * First, if there is a security manager, its <code>checkPermission</code> 

  102.      * method is called with a 

  103.      * <code>NetPermission("requestPasswordAuthentication")</code> permission.

  104.      * This may result in a java.lang.SecurityException. 

  105.      *

  106.      * @param addr The InetAddress of the site requesting authorization,

  107.      *             or null if not known.

  108.      * @param port the port for the requested connection

  109.      * @param protocol The protocol that's requesting the connection

  110.      *          ({@link java.net.Authenticator#getProtocol()})

  111.      * @param prompt A prompt string for the user

  112.      * @param scheme The authentication scheme

  113.      *

  114.      * @return The username/password, or null if one can't be gotten.

  115.      *

  116.      * @throws SecurityException

  117.      *        if a security manager exists and its 

  118.      *        <code>checkPermission</code> method doesn't allow 

  119.      *        the password authentication request.

  120.      *

  121.      * @see SecurityManager#checkPermission

  122.      * @see java.net.NetPermission

  123.      */

  124.     public static PasswordAuthentication requestPasswordAuthentication(

  125. 					    InetAddress addr,

  126. 					    int port,

  127. 					    String protocol,

  128. 					    String prompt,

  129. 					    String scheme) {

  130. 

  131. 	NetPermission requestPermission

  132. 	    = new NetPermission("requestPasswordAuthentication");

  133. 	SecurityManager sm = System.getSecurityManager();

  134. 	if (sm != null) sm.checkPermission(requestPermission);

  135. 

  136. 	Authenticator a = theAuthenticator;

  137. 	if (a == null) {

  138. 	    return null;

  139. 	} else {

  140. 	    synchronized(a) {

  141. 		a.reset();

  142. 		a.requestingSite = addr;

  143. 		a.requestingPort = port;

  144. 		a.requestingProtocol = protocol;

  145. 		a.requestingPrompt = prompt;

  146. 		a.requestingScheme = scheme;

  147. 		return a.getPasswordAuthentication();

  148. 	    }

  149. 	}

  150.     }

  151. 

  152.     /**

  153.      * Gets the <code>InetAddress</code> of the

  154.      * site requesting authorization, or <code>null</code>

  155.      * if not available.

  156.      * 

  157.      * @return the InetAddress of the site requesting authorization, or null

  158.      *		if it's not available.

  159.      */

  160.     protected final InetAddress getRequestingSite() {

  161. 	return requestingSite;

  162.     }

  163. 

  164.     /**

  165.      * Gets the port number for the requested connection.

  166.      * @return an <code>int</code> indicating the 

  167.      * port for the requested connection.

  168.      */

  169.     protected final int getRequestingPort() {

  170. 	return requestingPort;

  171.     }

  172. 

  173.     /**

  174.      * Give the protocol that's requesting the connection.  Often this

  175.      * will be based on a URL, but in a future SDK it could be, for

  176.      * example, "SOCKS" for a password-protected SOCKS5 firewall.

  177.      *

  178.      * @return the protcol, optionally followed by "/version", where

  179.      *		version is a version number.

  180.      *

  181.      * @see java.net.URL#getProtocol()

  182.      */

  183.     protected final String getRequestingProtocol() {

  184. 	return requestingProtocol;

  185.     }

  186. 

  187.     /**

  188.      * Gets the prompt string given by the requestor.

  189.      *

  190.      * @return the prompt string given by the requestor (realm for

  191.      *		http requests)

  192.      */

  193.     protected final String getRequestingPrompt() {

  194. 	return requestingPrompt;

  195.     }

  196. 

  197.     /**

  198.      * Gets the scheme of the requestor (the HTTP scheme

  199.      * for an HTTP firewall, for example).

  200.      *

  201.      * @return the scheme of the requestor

  202.      *	      

  203.      */

  204.     protected final String getRequestingScheme() {

  205. 	return requestingScheme;

  206.     }

  207. 

  208.     /**

  209.      * Called when password authorization is needed.  Subclasses should

  210.      * override the default implementation, which returns null.

  211.      * @return The PasswordAuthentication collected from the

  212.      *		user, or null if none is provided.

  213.      */

  214.     protected PasswordAuthentication getPasswordAuthentication() {

  215. 	return null;

  216.     }

  217. 

  218. }

  219. 

  220. 

  221. 

  222. 

  223. 

  224.