• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_HTTP_URL_SECURITY_MANAGER_H_
6 #define NET_HTTP_URL_SECURITY_MANAGER_H_
7 #pragma once
8 
9 #include "base/basictypes.h"
10 #include "base/memory/scoped_ptr.h"
11 
12 class GURL;
13 
14 namespace net {
15 
16 class HttpAuthFilter;
17 
18 // The URL security manager controls the policies (allow, deny, prompt user)
19 // regarding URL actions (e.g., sending the default credentials to a server).
20 class URLSecurityManager {
21  public:
URLSecurityManager()22   URLSecurityManager() {}
~URLSecurityManager()23   virtual ~URLSecurityManager() {}
24 
25   // Creates a platform-dependent instance of URLSecurityManager.
26   //
27   // |whitelist_default| is the whitelist of servers that default credentials
28   // can be used with during NTLM or Negotiate authentication. If
29   // |whitelist_default| is NULL and the platform is Windows, it indicates
30   // that security zone mapping should be used to determine whether default
31   // credentials sxhould be used. If |whitelist_default| is NULL and the
32   // platform is non-Windows, it indicates that no servers should be
33   // whitelisted.
34   //
35   // |whitelist_delegate| is the whitelist of servers that are allowed
36   // to have Delegated Kerberos tickets. If |whitelist_delegate| is NULL,
37   // no servers can have delegated Kerberos tickets.
38   //
39   // Both |whitelist_default| and |whitelist_delegate| will be owned by
40   // the created URLSecurityManager.
41   //
42   // TODO(cbentzel): Perhaps it's better to make a non-abstract HttpAuthFilter
43   //                 and just copy into the URLSecurityManager?
44   static URLSecurityManager* Create(const HttpAuthFilter* whitelist_default,
45                                     const HttpAuthFilter* whitelist_delegate);
46 
47   // Returns true if we can send the default credentials to the server at
48   // |auth_origin| for HTTP NTLM or Negotiate authentication.
49   virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0;
50 
51   // Returns true if Kerberos delegation is allowed for the server at
52   // |auth_origin| for HTTP Negotiate authentication.
53   virtual bool CanDelegate(const GURL& auth_origin) const = 0;
54 
55  private:
56   DISALLOW_COPY_AND_ASSIGN(URLSecurityManager);
57 };
58 
59 class URLSecurityManagerWhitelist : public URLSecurityManager {
60  public:
61   // The URLSecurityManagerWhitelist takes ownership of the whitelists.
62   URLSecurityManagerWhitelist(const HttpAuthFilter* whitelist_default,
63                               const HttpAuthFilter* whitelist_delegation);
64   virtual ~URLSecurityManagerWhitelist();
65 
66   // URLSecurityManager methods.
67   virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const;
68   virtual bool CanDelegate(const GURL& auth_origin) const;
69 
70  private:
71   scoped_ptr<const HttpAuthFilter> whitelist_default_;
72   scoped_ptr<const HttpAuthFilter> whitelist_delegate_;
73 
74   DISALLOW_COPY_AND_ASSIGN(URLSecurityManagerWhitelist);
75 };
76 
77 }  // namespace net
78 
79 #endif  // NET_HTTP_URL_SECURITY_MANAGER_H_
80