| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_ | 5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_ |
| 6 #define NET_HTTP_URL_SECURITY_MANAGER_H_ | 6 #define NET_HTTP_URL_SECURITY_MANAGER_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include "base/scoped_ptr.h" | 9 #include "base/scoped_ptr.h" |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 11 | 11 |
| 12 class GURL; | 12 class GURL; |
| 13 | 13 |
| 14 namespace net { | 14 namespace net { |
| 15 | 15 |
| 16 class HttpAuthFilter; | 16 class HttpAuthFilter; |
| 17 | 17 |
| 18 // The URL security manager controls the policies (allow, deny, prompt user) | 18 // The URL security manager controls the policies (allow, deny, prompt user) |
| 19 // regarding URL actions (e.g., sending the default credentials to a server). | 19 // regarding URL actions (e.g., sending the default credentials to a server). |
| 20 class URLSecurityManager { | 20 class URLSecurityManager { |
| 21 public: | 21 public: |
| 22 URLSecurityManager() {} | 22 URLSecurityManager() {} |
| 23 virtual ~URLSecurityManager() {} | 23 virtual ~URLSecurityManager() {} |
| 24 | 24 |
| 25 // Creates a platform-dependent instance of URLSecurityManager. | 25 // Creates a platform-dependent instance of URLSecurityManager. |
| 26 // The URLSecurityManager takes ownership of the HttpAuthFilter. | 26 // |
| 27 static URLSecurityManager* Create(HttpAuthFilter* whitelist); | 27 // |whitelist_default| is the whitelist of servers that default credentials |
| 28 // can be used with during NTLM or Negotiate authentication. If |
| 29 // |whitelist_default| is NULL and the platform is Windows, it indicates |
| 30 // that security zone mapping should be used to determine whether default |
| 31 // credentials sxhould be used. If |whitelist_default| is NULL and the |
| 32 // platform is non-Windows, it indicates that no servers should be |
| 33 // whitelisted. |
| 34 // |
| 35 // |whitelist_delegate| is the whitelist of servers that are allowed |
| 36 // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL, |
| 37 // no servers can have delegated Kerberos tickets. |
| 38 // |
| 39 // Both |whitelist_default| and |whitelist_delegate| will be owned by |
| 40 // the created URLSecurityManager. |
| 41 // |
| 42 // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter |
| 43 // and just copy into the URLSecurityManager? |
| 44 static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default, |
| 45 const HttpAuthFilter* whitelist_delegate); |
| 28 | 46 |
| 29 // Returns true if we can send the default credentials to the server at | 47 // Returns true if we can send the default credentials to the server at |
| 30 // |auth_origin| for HTTP NTLM or Negotiate authentication. | 48 // |auth_origin| for HTTP NTLM or Negotiate authentication. |
| 31 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) = 0; | 49 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0; |
| 50 |
| 51 // Returns true if Kerberos delegation is allowed for the server at |
| 52 // |auth_origin| for HTTP Negotiate authentication. |
| 53 virtual bool CanDelegate(const GURL& auth_origin) const = 0; |
| 32 | 54 |
| 33 private: | 55 private: |
| 34 DISALLOW_COPY_AND_ASSIGN(URLSecurityManager); | 56 DISALLOW_COPY_AND_ASSIGN(URLSecurityManager); |
| 35 }; | 57 }; |
| 36 | 58 |
| 37 class URLSecurityManagerWhitelist : public URLSecurityManager { | 59 class URLSecurityManagerWhitelist : public URLSecurityManager { |
| 38 public: | 60 public: |
| 39 // The URLSecurityManagerWhitelist takes ownership of the HttpAuthFilter. | 61 // The URLSecurityManagerWhitelist takes ownership of the whitelists. |
| 40 explicit URLSecurityManagerWhitelist(HttpAuthFilter* whitelist); | 62 URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default, |
| 63 const HttpAuthFilter* whitelist_delegation); |
| 41 | 64 |
| 42 // URLSecurityManager methods. | 65 // URLSecurityManager methods. |
| 43 virtual bool CanUseDefaultCredentials(const GURL& auth_origin); | 66 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const; |
| 67 virtual bool CanDelegate(const GURL& auth_origin) const; |
| 44 | 68 |
| 45 private: | 69 private: |
| 46 scoped_ptr<HttpAuthFilter> whitelist_; | 70 scoped_ptr<const HttpAuthFilter> whitelist_default_; |
| 71 scoped_ptr<const HttpAuthFilter> whitelist_delegate_; |
| 47 | 72 |
| 48 DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist); | 73 DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist); |
| 49 }; | 74 }; |
| 50 | 75 |
| 51 #if defined(UNIT_TEST) | 76 #if defined(UNIT_TEST) |
| 52 // An URLSecurityManager which always allows default credentials. | 77 // An URLSecurityManager which is very permissive. |
| 53 class URLSecurityManagerAllow : public URLSecurityManager { | 78 class URLSecurityManagerAllow : public URLSecurityManager { |
| 54 public: | 79 public: |
| 55 URLSecurityManagerAllow() {} | 80 URLSecurityManagerAllow() {} |
| 56 virtual ~URLSecurityManagerAllow() {} | 81 virtual ~URLSecurityManagerAllow() {} |
| 57 | 82 |
| 58 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) { | 83 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const { |
| 84 return true; |
| 85 } |
| 86 virtual bool CanDelegate(const GURL& auth_origin) const { |
| 59 return true; | 87 return true; |
| 60 } | 88 } |
| 61 | 89 |
| 62 private: | 90 private: |
| 63 DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerAllow); | 91 DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerAllow); |
| 64 }; | 92 }; |
| 65 #endif // defined(UNIT_TEST) | 93 #endif // defined(UNIT_TEST) |
| 66 | 94 |
| 67 } // namespace net | 95 } // namespace net |
| 68 | 96 |
| 69 #endif // NET_HTTP_URL_SECURITY_MANAGER_H_ | 97 #endif // NET_HTTP_URL_SECURITY_MANAGER_H_ |
| OLD | NEW |