Home | History | Annotate | Download | only in http
      1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_
      6 #define NET_HTTP_URL_SECURITY_MANAGER_H_
      7 #pragma once
      8 
      9 #include "base/basictypes.h"
     10 #include "base/memory/scoped_ptr.h"
     11 
     12 class GURL;
     13 
     14 namespace net {
     15 
     16 class HttpAuthFilter;
     17 
     18 // The URL security manager controls the policies (allow, deny, prompt user)
     19 // regarding URL actions (e.g., sending the default credentials to a server).
     20 class URLSecurityManager {
     21  public:
     22   URLSecurityManager() {}
     23   virtual ~URLSecurityManager() {}
     24 
     25   // Creates a platform-dependent instance of URLSecurityManager.
     26   //
     27   // |whitelist_default| is the whitelist of servers that default credentials
     28   // can be used with during NTLM or Negotiate authentication. If
     29   // |whitelist_default| is NULL and the platform is Windows, it indicates
     30   // that security zone mapping should be used to determine whether default
     31   // credentials sxhould be used. If |whitelist_default| is NULL and the
     32   // platform is non-Windows, it indicates that no servers should be
     33   // whitelisted.
     34   //
     35   // |whitelist_delegate| is the whitelist of servers that are allowed
     36   // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL,
     37   // no servers can have delegated Kerberos tickets.
     38   //
     39   // Both |whitelist_default| and |whitelist_delegate| will be owned by
     40   // the created URLSecurityManager.
     41   //
     42   // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter
     43   //                 and just copy into the URLSecurityManager?
     44   static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default,
     45                                     const HttpAuthFilter* whitelist_delegate);
     46 
     47   // Returns true if we can send the default credentials to the server at
     48   // |auth_origin| for HTTP NTLM or Negotiate authentication.
     49   virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0;
     50 
     51   // Returns true if Kerberos delegation is allowed for the server at
     52   // |auth_origin| for HTTP Negotiate authentication.
     53   virtual bool CanDelegate(const GURL& auth_origin) const = 0;
     54 
     55  private:
     56   DISALLOW_COPY_AND_ASSIGN(URLSecurityManager);
     57 };
     58 
     59 class URLSecurityManagerWhitelist : public URLSecurityManager {
     60  public:
     61   // The URLSecurityManagerWhitelist takes ownership of the whitelists.
     62   URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default,
     63                               const HttpAuthFilter* whitelist_delegation);
     64   virtual ~URLSecurityManagerWhitelist();
     65 
     66   // URLSecurityManager methods.
     67   virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const;
     68   virtual bool CanDelegate(const GURL& auth_origin) const;
     69 
     70  private:
     71   scoped_ptr<const HttpAuthFilter> whitelist_default_;
     72   scoped_ptr<const HttpAuthFilter> whitelist_delegate_;
     73 
     74   DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist);
     75 };
     76 
     77 }  // namespace net
     78 
     79 #endif  // NET_HTTP_URL_SECURITY_MANAGER_H_
     80