01: // Copyright (C) 2003,2004,2005 by Object Mentor, Inc. All rights reserved.
02: // Released under the terms of the GNU General Public License version 2 or later.
03: package fitnesse.authentication;
04:
05: import fitnesse.http.*;
06: import fitnesse.responders.*;
07: import fitnesse.*;
08:
09: public abstract class Authenticator {
10: public Authenticator() {
11: }
12:
13: public Responder authenticate(FitNesseContext context,
14: Request request, Responder privilegedResponder)
15: throws Exception {
16: request.getCredentials();
17: String username = request.getAuthorizationUsername();
18: String password = request.getAuthorizationPassword();
19:
20: if (isAuthenticated(username, password))
21: return privilegedResponder;
22: else if (!isSecureResponder(privilegedResponder))
23: return privilegedResponder;
24: else
25: return verifyOperationIsSecure(privilegedResponder,
26: context, request);
27: }
28:
29: private Responder verifyOperationIsSecure(
30: Responder privilegedResponder, FitNesseContext context,
31: Request request) {
32: SecureOperation so = ((SecureResponder) privilegedResponder)
33: .getSecureOperation();
34: try {
35: if (so.shouldAuthenticate(context, request))
36: return new UnauthorizedResponder();
37: else
38: return privilegedResponder;
39: } catch (Exception e) {
40: e.printStackTrace();
41: return new UnauthorizedResponder();
42: }
43: }
44:
45: private boolean isSecureResponder(Responder privilegedResponder) {
46: return (privilegedResponder instanceof SecureResponder);
47: }
48:
49: public abstract boolean isAuthenticated(String username,
50: String password) throws Exception;
51:
52: public String toString() {
53: return getClass().getName();
54: }
55: }
|