001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.main;
029
030import org.opencms.workplace.CmsWorkplace;
031
032/**
033 * Contains the settings to handle HTTP basic authentication.<p>
034 *
035 * These settings control whether a browser-based pop-up dialog should be used for
036 * authentication, or of the user should be redirected to an OpenCms URI for a
037 * form-based authentication.<p>
038 *
039 * Since the URI for the form-based authentication is a system wide setting, users
040 * are able to specify different authentication forms in a property "login-form" on
041 * resources that require authentication.<p>
042 *
043 * @since 6.0.0
044 */
045public class CmsHttpAuthenticationSettings {
046
047    /** The mechanism name for basic HTTP authentication. */
048    public static final String AUTHENTICATION_BASIC = "BASIC";
049
050    /** The mechanism name for form based authentication. */
051    public static final String AUTHENTICATION_FORM = "FORM";
052
053    /** The URI of the default authentication form. */
054    public static final String DEFAULT_AUTHENTICATION_URI = CmsWorkplace.VFS_PATH_WORKPLACE
055        + "action/authenticate.html";
056
057    /** The mechanism used in browser-based HTTP authentication. */
058    private String m_browserBasedAuthenticationMechanism;
059
060    /** The URI of the system wide login form if browser-based HTTP basic authentication is disabled. */
061    private String m_formBasedHttpAuthenticationUri;
062
063    /** Boolean flag to enable or disable browser-based HTTP basic authentication. */
064    private boolean m_useBrowserBasedHttpAuthentication;
065
066    /**
067     * Default constructor.<p>
068     */
069    public CmsHttpAuthenticationSettings() {
070
071        super();
072        m_useBrowserBasedHttpAuthentication = true;
073        m_browserBasedAuthenticationMechanism = null;
074        m_formBasedHttpAuthenticationUri = null;
075    }
076
077    /**
078     * Returns the browser based authentication mechanism or <code>null</code> if unused.
079     *
080     * @return "BASIC" in case of browser based basic authentication, "FORM" in case of form based authentication or the alternative mechanism or <code>null</code> if unused.
081     */
082    public String getBrowserBasedAuthenticationMechanism() {
083
084        if (m_useBrowserBasedHttpAuthentication) {
085            return AUTHENTICATION_BASIC;
086        } else if (m_browserBasedAuthenticationMechanism != null) {
087            return m_browserBasedAuthenticationMechanism;
088        } else if (m_formBasedHttpAuthenticationUri != null) {
089            return AUTHENTICATION_FORM;
090        } else {
091            return null;
092        }
093    }
094
095    /**
096     * Returns the browser based authentication text for the configuration.<p>
097     *
098     * @return the browser based authentication text for the configuration
099     */
100    public String getConfigBrowserBasedAuthentication() {
101
102        if (m_useBrowserBasedHttpAuthentication) {
103            return Boolean.TRUE.toString();
104        } else if (m_browserBasedAuthenticationMechanism != null) {
105            return m_browserBasedAuthenticationMechanism;
106        } else {
107            return Boolean.FALSE.toString();
108        }
109    }
110
111    /**
112     * Returns the URI of the system wide login form if browser-based HTTP basic authentication is disabled.<p>
113     *
114     * @return the URI of the system wide login form if browser-based HTTP basic authentication is disabled
115     */
116    public String getFormBasedHttpAuthenticationUri() {
117
118        return m_formBasedHttpAuthenticationUri;
119    }
120
121    /**
122     * Sets the URI of the system wide login form if browser-based HTTP basic authentication is disabled.<p>
123     *
124     * @param uri the URI of the system wide login form if browser-based HTTP basic authentication is disabled to set
125     */
126    public void setFormBasedHttpAuthenticationUri(String uri) {
127
128        m_formBasedHttpAuthenticationUri = uri;
129    }
130
131    /**
132     * Sets if browser-based HTTP basic authentication is enabled or disabled.<p>
133     *
134     * @param value a boolean value to specifiy if browser-based HTTP basic authentication should be enabled
135     */
136    public void setUseBrowserBasedHttpAuthentication(boolean value) {
137
138        m_useBrowserBasedHttpAuthentication = value;
139        m_browserBasedAuthenticationMechanism = null;
140    }
141
142    /**
143     * Sets if browser-based HTTP basic authentication is enabled or disabled.<p>
144     *
145     * @param value a string {<code>"true"</code>|<code>"false"</code>} to specify if browser-based HTTP basic authentication should be enabled;
146     *        if another string is provided, the flag for browser based basic authentication is disabled and the value is stored as authentication mechanism.
147     */
148    public void setUseBrowserBasedHttpAuthentication(String value) {
149
150        m_useBrowserBasedHttpAuthentication = Boolean.valueOf(value).booleanValue();
151        if (!m_useBrowserBasedHttpAuthentication && !value.equalsIgnoreCase(Boolean.FALSE.toString())) {
152            if (value.equalsIgnoreCase(AUTHENTICATION_BASIC)) {
153                m_useBrowserBasedHttpAuthentication = true;
154            } else {
155                m_browserBasedAuthenticationMechanism = value;
156                m_useBrowserBasedHttpAuthentication = false;
157            }
158        }
159    }
160
161    /**
162     * Tests if browser-based HTTP basic authentication is enabled or disabled.<p>
163     *
164     * @return true if browser-based HTTP basic authentication is enabled
165     */
166    public boolean useBrowserBasedHttpAuthentication() {
167
168        return m_useBrowserBasedHttpAuthentication;
169    }
170
171}