https://openjdk.java.net/ 
/*
 * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.util.*;


Authenticator represents an implementation of an HTTP authentication
mechanism. Sub-classes provide implementations of specific mechanisms
such as Digest or Basic auth. Instances are invoked to provide verification
of the authentication information provided in all incoming requests.
Note. This implies that any caching of credentials or other authentication
information must be done outside of this class.

/**
 * Authenticator represents an implementation of an HTTP authentication
 * mechanism. Sub-classes provide implementations of specific mechanisms
 * such as Digest or Basic auth. Instances are invoked to provide verification
 * of the authentication information provided in all incoming requests.
 * Note. This implies that any caching of credentials or other authentication
 * information must be done outside of this class.
 */
public abstract class Authenticator {

    
Base class for return type from authenticate() method

/**
     * Base class for return type from authenticate() method
     */
    public abstract static class Result {}

    
Indicates an authentication failure. The authentication
attempt has completed.

/**
     * Indicates an authentication failure. The authentication
     * attempt has completed.
     */
    public static class Failure extends Result {

        private int responseCode;

        public Failure (int responseCode) {
            this.responseCode = responseCode;
        }

        
returns the response code to send to the client

/**
         * returns the response code to send to the client
         */
        public int getResponseCode() {
            return responseCode;
        }
    }

    
Indicates an authentication has succeeded and the
authenticated user principal can be acquired by calling
getPrincipal().

/**
     * Indicates an authentication has succeeded and the
     * authenticated user principal can be acquired by calling
     * getPrincipal().
     */
    public static class Success extends Result {
        private HttpPrincipal principal;

        public Success (HttpPrincipal p) {
            principal = p;
        }
        
returns the authenticated user Principal

/**
         * returns the authenticated user Principal
         */
        public HttpPrincipal getPrincipal() {
            return principal;
        }
    }

    
Indicates an authentication must be retried. The
response code to be sent back is as returned from
getResponseCode(). The Authenticator must also have
set any necessary response headers in the given HttpExchange
before returning this Retry object.

/**
     * Indicates an authentication must be retried. The
     * response code to be sent back is as returned from
     * getResponseCode(). The Authenticator must also have
     * set any necessary response headers in the given HttpExchange
     * before returning this Retry object.
     */
    public static class Retry extends Result {

        private int responseCode;

        public Retry (int responseCode) {
            this.responseCode = responseCode;
        }

        
returns the response code to send to the client

/**
         * returns the response code to send to the client
         */
        public int getResponseCode() {
            return responseCode;
        }
    }

    
called to authenticate each incoming request. The implementation
must return a Failure, Success or Retry object as appropriate :-


Failure means the authentication has completed, but has failed
due to invalid credentials.


Sucess means that the authentication
has succeeded, and a Principal object representing the user
can be retrieved by calling Sucess.getPrincipal() .


Retry means that another HTTP exchange is required. Any response
headers needing to be sent back to the client are set in the
given HttpExchange. The response code to be returned must be provided
in the Retry object. Retry may occur multiple times.

/**
     * called to authenticate each incoming request. The implementation
     * must return a Failure, Success or Retry object as appropriate :-
     * <p>
     * Failure means the authentication has completed, but has failed
     * due to invalid credentials.
     * <p>
     * Sucess means that the authentication
     * has succeeded, and a Principal object representing the user
     * can be retrieved by calling Sucess.getPrincipal() .
     * <p>
     * Retry means that another HTTP exchange is required. Any response
     * headers needing to be sent back to the client are set in the
     * given HttpExchange. The response code to be returned must be provided
     * in the Retry object. Retry may occur multiple times.
     */
    public abstract Result authenticate (HttpExchange exch);
}