1 package com.atlassian.seraph.auth;
2
3 import javax.servlet.http.HttpServletRequest;
4 import javax.servlet.http.HttpServletResponse;
5
/**
 * The possible outcomes of a login attempt. Besides the failure cases this also covers a successful login
 * ({@link #OK}) and a logout ({@link #OUT}).
 */
public enum LoginReason
{
    /**
     * The user is not allowed to even attempt a login; the attempt was refused by the {@link
     * com.atlassian.seraph.elevatedsecurity.ElevatedSecurityGuard}.
     */
    AUTHENTICATION_DENIED,
    /**
     * The user could not be authenticated.
     */
    AUTHENTICATED_FAILED,
    /**
     * The user could not be authorised.
     */
    AUTHORISATION_FAILED,
    /**
     * The person has in fact logged "out".
     */
    OUT,
    /**
     * The login was OK.
     */
    OK;

    /** Name of the response header that carries the outcome back to the client. */
    private static final String X_SERAPH_LOGIN_REASON = "X-Seraph-LoginReason";

    /** Request attribute key; the fully qualified class name of this enum. */
    private static final String ATTR_NAME = LoginReason.class.getName();

    /**
     * Records this outcome on the request and, when a response is available, on the response as well.
     * <p>
     * The request attribute named after this class is set to this enum constant, and an
     * "X-Seraph-LoginReason" response header is added whose value is {@code toString()} of the constant.
     * <p>
     * Stamping happens at most once per request: if the attribute is already present nothing is changed.
     * Because the check looks only at the request attribute, a first stamp made with a {@code null}
     * response means a later call that does have a response will not add the header either.
     * <p>
     * The header makes the outcome visible to the HTTP client, including the difference between
     * {@link #AUTHENTICATION_DENIED} and {@link #AUTHENTICATED_FAILED}.
     * NOTE(review): confirm that exposing this distinction to unauthenticated callers is intended.
     *
     * @param httpServletRequest the request; must not be {@code null}
     * @param httpServletResponse the response, may be {@code null}
     *
     * @return this constant, so that calls can be chained
     */
    public LoginReason stampRequestResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
    {
        final boolean alreadyStamped = httpServletRequest.getAttribute(ATTR_NAME) != null;
        if (alreadyStamped)
        {
            // The first outcome recorded for a request wins; later outcomes are ignored.
            return this;
        }

        httpServletRequest.setAttribute(ATTR_NAME, this);

        // A request can arrive here without a response. The original author's comment attributes this to
        // Authenticator.getUser(httpServletRequest) expanding to Authenticator.getUser(httpServletRequest, null),
        // so the missing response has to be tolerated rather than treated as an error.
        if (httpServletResponse == null)
        {
            return this;
        }

        httpServletResponse.addHeader(X_SERAPH_LOGIN_REASON, this.toString());
        return this;
    }
}