001: /*
002: * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/Constants.java,v 1.7 2001/08/01 03:04:04 craigmcc Exp $
003: * $Revision: 1.7 $
004: * $Date: 2001/08/01 03:04:04 $
005: *
006: * ====================================================================
007: *
008: * The Apache Software License, Version 1.1
009: *
010: * Copyright (c) 1999 The Apache Software Foundation. All rights
011: * reserved.
012: *
013: * Redistribution and use in source and binary forms, with or without
014: * modification, are permitted provided that the following conditions
015: * are met:
016: *
017: * 1. Redistributions of source code must retain the above copyright
018: * notice, this list of conditions and the following disclaimer.
019: *
020: * 2. Redistributions in binary form must reproduce the above copyright
021: * notice, this list of conditions and the following disclaimer in
022: * the documentation and/or other materials provided with the
023: * distribution.
024: *
025: * 3. The end-user documentation included with the redistribution, if
026: * any, must include the following acknowlegement:
027: * "This product includes software developed by the
028: * Apache Software Foundation (http://www.apache.org/)."
029: * Alternately, this acknowlegement may appear in the software itself,
030: * if and wherever such third-party acknowlegements normally appear.
031: *
032: * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
033: * Foundation" must not be used to endorse or promote products derived
034: * from this software without prior written permission. For written
035: * permission, please contact apache@apache.org.
036: *
037: * 5. Products derived from this software may not be called "Apache"
038: * nor may "Apache" appear in their names without prior written
039: * permission of the Apache Group.
040: *
041: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
042: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
043: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
044: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
045: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
046: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
047: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
048: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
049: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
050: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
051: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
052: * SUCH DAMAGE.
053: * ====================================================================
054: *
055: * This software consists of voluntary contributions made by many
056: * individuals on behalf of the Apache Software Foundation. For more
057: * information on the Apache Software Foundation, please see
058: * <http://www.apache.org/>.
059: *
060: * [Additional notices, if required by prior licensing conditions]
061: *
062: */
063:
064: package org.apache.catalina.authenticator;
065:
066: public class Constants {
067:
068: public static final String Package = "org.apache.catalina.authenticator";
069:
070: // Authentication methods for login configuration
071: public static final String BASIC_METHOD = "BASIC";
072: public static final String CERT_METHOD = "CLIENT-CERT";
073: public static final String DIGEST_METHOD = "DIGEST";
074: public static final String FORM_METHOD = "FORM";
075:
076: // User data constraints for transport guarantee
077: public static final String NONE_TRANSPORT = "NONE";
078: public static final String INTEGRAL_TRANSPORT = "INTEGRAL";
079: public static final String CONFIDENTIAL_TRANSPORT = "CONFIDENTIAL";
080:
081: // Form based authentication constants
082: public static final String FORM_ACTION = "/j_security_check";
083: public static final String FORM_PASSWORD = "j_password";
084: public static final String FORM_USERNAME = "j_username";
085:
086: // Cookie name for single sign on support
087: public static final String SINGLE_SIGN_ON_COOKIE = "JSESSIONIDSSO";
088:
089: // --------------------------------------------------------- Request Notes
090:
091: /**
092: * <p>If a user has been authenticated by the web layer, by means of a
093: * login method other than CLIENT_CERT, the username and password
094: * used to authenticate the user will be attached to the request as
095: * Notes for use by other server components. A server component can
096: * also call several existing methods on Request to determine whether
097: * or not any user has been authenticated:</p>
098: * <ul>
099: * <li><strong>((HttpServletRequest) getRequest()).getAuthType()</strong>
100: * will return BASIC, CLIENT-CERT, DIGEST, FORM, or <code>null</code>
101: * if there is no authenticated user.</li>
102: * <li><strong>((HttpServletRequest) getRequest()).getUserPrincipal()</strong>
103: * will return the authenticated <code>Principal</code> returned by the
104: * <code>Realm</code> that authenticated this user.</li>
105: * </ul>
106: * <p>If CLIENT_CERT authentication was performed, the certificate chain
107: * will be available as a request attribute, as defined in the
108: * servlet specification.</p>
109: */
110:
111: /**
112: * The notes key for the password used to authenticate this user.
113: */
114: public static final String REQ_PASSWORD_NOTE = "org.apache.catalina.request.PASSWORD";
115:
116: /**
117: * The notes key for the username used to authenticate this user.
118: */
119: public static final String REQ_USERNAME_NOTE = "org.apache.catalina.request.USERNAME";
120:
121: /**
122: * The notes key to track the single-sign-on identity with which this
123: * request is associated.
124: */
125: public static final String REQ_SSOID_NOTE = "org.apache.catalina.request.SSOID";
126:
127: // ---------------------------------------------------------- Session Notes
128:
129: /**
130: * If the <code>cache</code> property of our authenticator is set, and
131: * the current request is part of a session, authentication information
132: * will be cached to avoid the need for repeated calls to
133: * <code>Realm.authenticate()</code>, under the following keys:
134: */
135:
136: /**
137: * The notes key for the password used to authenticate this user.
138: */
139: public static final String SESS_PASSWORD_NOTE = "org.apache.catalina.session.PASSWORD";
140:
141: /**
142: * The notes key for the username used to authenticate this user.
143: */
144: public static final String SESS_USERNAME_NOTE = "org.apache.catalina.session.USERNAME";
145:
146: /**
147: * The following note keys are used during form login processing to
148: * cache required information prior to the completion of authentication.
149: */
150:
151: /**
152: * The previously authenticated principal (if caching is disabled).
153: */
154: public static final String FORM_PRINCIPAL_NOTE = "org.apache.catalina.authenticator.PRINCIPAL";
155:
156: /**
157: * The original request information, to which the user will be
158: * redirected if authentication succeeds.
159: */
160: public static final String FORM_REQUEST_NOTE = "org.apache.catalina.authenticator.REQUEST";
161:
162: }
|