1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_ 6 #define NET_HTTP_URL_SECURITY_MANAGER_H_ 7 #pragma once 8 9 #include "base/basictypes.h" 10 #include "base/memory/scoped_ptr.h" 11 12 class GURL; 13 14 namespace net { 15 16 class HttpAuthFilter; 17 18 // The URL security manager controls the policies (allow, deny, prompt user) 19 // regarding URL actions (e.g., sending the default credentials to a server). 20 class URLSecurityManager { 21 public: 22 URLSecurityManager() {} 23 virtual ~URLSecurityManager() {} 24 25 // Creates a platform-dependent instance of URLSecurityManager. 26 // 27 // |whitelist_default| is the whitelist of servers that default credentials 28 // can be used with during NTLM or Negotiate authentication. If 29 // |whitelist_default| is NULL and the platform is Windows, it indicates 30 // that security zone mapping should be used to determine whether default 31 // credentials sxhould be used. If |whitelist_default| is NULL and the 32 // platform is non-Windows, it indicates that no servers should be 33 // whitelisted. 34 // 35 // |whitelist_delegate| is the whitelist of servers that are allowed 36 // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL, 37 // no servers can have delegated Kerberos tickets. 38 // 39 // Both |whitelist_default| and |whitelist_delegate| will be owned by 40 // the created URLSecurityManager. 41 // 42 // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter 43 // and just copy into the URLSecurityManager? 44 static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default, 45 const HttpAuthFilter* whitelist_delegate); 46 47 // Returns true if we can send the default credentials to the server at 48 // |auth_origin| for HTTP NTLM or Negotiate authentication. 49 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0; 50 51 // Returns true if Kerberos delegation is allowed for the server at 52 // |auth_origin| for HTTP Negotiate authentication. 53 virtual bool CanDelegate(const GURL& auth_origin) const = 0; 54 55 private: 56 DISALLOW_COPY_AND_ASSIGN(URLSecurityManager); 57 }; 58 59 class URLSecurityManagerWhitelist : public URLSecurityManager { 60 public: 61 // The URLSecurityManagerWhitelist takes ownership of the whitelists. 62 URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default, 63 const HttpAuthFilter* whitelist_delegation); 64 virtual ~URLSecurityManagerWhitelist(); 65 66 // URLSecurityManager methods. 67 virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const; 68 virtual bool CanDelegate(const GURL& auth_origin) const; 69 70 private: 71 scoped_ptr<const HttpAuthFilter> whitelist_default_; 72 scoped_ptr<const HttpAuthFilter> whitelist_delegate_; 73 74 DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist); 75 }; 76 77 } // namespace net 78 79 #endif // NET_HTTP_URL_SECURITY_MANAGER_H_ 80