nexpose 0.0.98 → 0.1.0

data/lib/nexpose/common.rb

@@ -0,0 +1,138 @@
+module Nexpose
+
+  # Configuration structure for e-mail notification.
+  #
+  # The send_as and send_to_acl_as attributes are optional, but one of them is
+  # required for sending reports via e-mail. The send_as attribute is required
+  # for sending e-mails to users who are not on the report access list.
+  # The send_to_acl attribute is required for sending e-mails to report access
+  # list members.
+  #
+  # E-mails and attachments are sent via the Internet in clear text and are not
+  # encrypted. If you do not set a valid value for either attribute,
+  # the application will save the report but not send it via e-mail.
+  # If you set a valid value for the send_as attribute but not for the
+  # send_to_acl_as attribute, the application will send the report via e-mail to
+  # non-access-list members only. If you set a valid value for the
+  # send_to_acl_as attribute, the application will send the report via e-mail to
+  # access-list members only. If you set a valid value for both attributes,
+  # the application will send reports via e-mail to access-list members and
+  # non-members.
+  class Email
+    # Send as file attachment or zipped file to individuals who are not members
+    # of the report access list. One of: file|zip
+    attr_accessor :send_as
+    # Send to all the authorized users of sites, groups, and devices.
+    attr_accessor :to_all_authorized
+    # Send to users on the report access list.
+    attr_accessor :send_to_acl_as
+    # Format to send to users on the report access list. One of: file|zip|url
+    attr_accessor :send_to_owner_as
+
+    # Sender that e-mail will be attributed to.
+    attr_accessor :sender
+    # SMTP relay server.
+    attr_accessor :smtp_relay_server
+    # Array of report recipients (i.e., not already on the report access list).
+    attr_accessor :recipients
+
+    def initialize(to_all_authorized, send_to_owner_as, send_to_acl_as, send_as)
+      @to_all_authorized = to_all_authorized
+      @send_to_owner_as = send_to_owner_as
+      @send_to_acl_as = send_to_acl_as 
+      @send_as = send_as 
+
+      @recipients = []
+    end
+
+    def to_xml
+      xml = '<Email'
+      xml << %Q{ toAllAuthorized='#{@toAllAuthorized ? 1 : 0}'}
+      xml << %Q{ sendToOwnerAs='#{@send_to_owner_as}'} if @send_to_owner_as
+      xml << %Q{ sendToAclAs='#{@send_to_acl_as}'} if @send_to_acl_as
+      xml << %Q{ sendAs='#{@send_as}'} if @send_as
+      xml << '>'
+      xml << %Q{<Sender>#{@sender}</Sender>} if @sender
+      xml << %Q{<SmtpRelayServer>#{@smtp_relay_server}</SmtpRelayServer>} if @smtp_relay_server
+      if @recipients
+        xml << '<Recipients>'
+        @recipients.each do |recipient|
+          xml << %Q{<Recipient>#{recipient}</Recipient>}
+        end
+        xml << '</Recipients>'
+      end
+      xml << '</Email>'
+    end
+
+    def self.parse(xml)
+      xml.elements.each('//Email') do |email|
+        config = Email.new(email.attributes['toAllAuthorized'] == '1',
+                           email.attributes['sendToOwnerAs'],
+                           email.attributes['sendToAclAs'],
+                           email.attributes['sendAs'])
+
+        xml.elements.each('//Sender') do |sender|
+          config.sender = sender.text
+        end
+        xml.elements.each('//SmtpRelayServer') do |server|
+          config.smtp_relay_server = server.text
+        end
+        xml.elements.each('//Recipient') do |recipient|
+          config.recipients << recipient.text
+        end
+        return config
+      end
+      nil
+    end
+  end
+
+  # Configuration structure for schedules.
+  class Schedule
+    # Whether or not this schedule is enabled.
+    attr_accessor :enabled
+    # Valid schedule types: daily, hourly, monthly-date, monthly-day, weekly.
+    attr_accessor :type
+    # The repeat interval based upon type.
+    attr_accessor :interval
+    # The earliest date to generate the report on (in ISO 8601 format).
+    attr_accessor :start
+
+    # The amount of time, in minutes, to allow execution before stopping.
+    attr_accessor :max_duration
+    # The date after which the schedule is disabled, in ISO 8601 format.
+    attr_accessor :not_valid_after
+
+    # --
+    # TODO These are not captured or put to XML.
+    # ++
+    attr_accessor :incremental
+    attr_accessor :repeater_type
+
+    def initialize(type, interval, start, enabled = true)
+      @type = type
+      @interval = interval
+      @start = start
+      @enabled = enabled
+    end
+
+    def to_xml
+      xml = %Q{<Schedule enabled='#{@enabled ? 1 : 0}' type='#{@type}' interval='#{@interval}' start='#{@start}'}
+      xml << %Q{ maxDuration='#@max_duration'} if @max_duration
+      xml << %Q{ notValidAfter='#@not_valid_after'} if @not_valid_after
+      xml << '/>'
+    end
+
+    def self.parse(xml)
+      xml.elements.each('//Schedule') do |sched|
+        schedule = Schedule.new(sched.attributes['type'],
+                                sched.attributes['interval'].to_i,
+                                sched.attributes['start'],
+                                sched.attributes['enabled'] || true)
+        # Optional parameters.
+        schedule.max_duration = sched.attributes['maxDuration'].to_i if sched.attributes['maxDuration']
+        schedule.not_valid_after = sched.attributes['notValidAfter'] if sched.attributes['notValidAfter']
+        return schedule
+      end
+    end
+  end
+end

data/lib/nexpose/connection.rb

@@ -1,106 +1,117 @@
-module Nexpose
-
-	# === Description
-	# Object that represents a connection to a NeXpose Security Console.
-	#
-	# === Examples
-	#   # Create a new Nexpose Connection on the default port
-	#   nsc = Connection.new("10.1.40.10","nxadmin","password")
-	#
-	#   # Login to NSC and Establish a Session ID
-	#   nsc.login()
-	#
-	#   # Check Session ID
-	#   if (nsc.session_id)
-	#       puts "Login Successful"
-	#   else
-	#       puts "Login Failure"
-	#   end
-	#
-	#   # //Logout
-	#   logout_success = nsc.logout()
-	#   if (! logout_success)
-	#       puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
-	#   end
-	#
-	class Connection
-		include XMLUtils
-		include NexposeAPI
-
-		# true if an error condition exists; false otherwise
-		attr_reader :error
-		# Error message string
-		attr_reader :error_msg
-		# The last XML request sent by this object
-		attr_reader :request_xml
-		# The last XML response received by this object
-		attr_reader :response_xml
-		# Session ID of this connection
-		attr_reader :session_id
-		# The hostname or IP Address of the NSC
-		attr_reader :host
-		# The port of the NSC (default is 3780)
-		attr_reader :port
-		# The username used to login to the NSC
-		attr_reader :username
-		# The password used to login to the NSC
-		attr_reader :password
-		# The URL for communication
-		attr_reader :url
-
-		# Constructor for Connection
-		def initialize(ip, user, pass, port = 3780, silo_id = nil)
-			@host = ip
-			@port = port
-			@username = user
-			@password = pass
-			@silo_id = silo_id
-			@session_id = nil
-			@error = false
-			@url = "https://#{@host}:#{@port}/api/API_VERSION/xml"
-		end
-
-		# Establish a new connection and Session ID
-		def login
-			begin
-				login_hash = {'sync-id' => 0, 'password' => @password, 'user-id' => @username}
-				unless @silo_id.nil?
-					login_hash['silo-id'] = @silo_id
-				end
-				r = execute(make_xml('LoginRequest', login_hash))
-			rescue APIError
-				raise AuthenticationFailed.new(r)
-			end
-			if (r.success)
-				@session_id = r.sid
-				true
-			end
-		end
-
-		# Logout of the current connection
-		def logout
-			r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
-			if (r.success)
-				return true
-			end
-			raise APIError.new(r, 'Logout failed')
-		end
-
-		# Execute an API request
-		def execute(xml, version = '1.1')
-			@api_version = version
-			APIRequest.execute(@url, xml.to_s, @api_version)
-		end
-
-		# Download a specific URL
-		def download(url)
-			uri = URI.parse(url)
-			http = Net::HTTP.new(@host, @port)
-			http.use_ssl = true
-			http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue
-			headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
-			resp = http.get(uri.path, headers)
-			resp.body
-		end
-	end
-end
+module Nexpose
+
+  # === Description
+  # Object that represents a connection to a Nexpose Security Console.
+  #
+  # === Examples
+  #   # Create a new Nexpose Connection on the default port
+  #   nsc = Connection.new('10.1.40.10', 'nxadmin', 'password')
+  #
+  #   # Login to NSC and Establish a Session ID
+  #   nsc.login
+  #
+  #   # Check Session ID
+  #   if nsc.session_id
+  #       puts 'Login Successful'
+  #   else
+  #       puts 'Login Failure'
+  #   end
+  #
+  #   # //Logout
+  #   logout_success = nsc.logout
+  #   if (! logout_success)
+  #       puts "Logout Failure" + "<p>" + nsc.error_msg.to_s
+  #   end
+  #
+  class Connection
+    include XMLUtils
+    include NexposeAPI
+
+    # true if an error condition exists; false otherwise
+    attr_reader :error
+    # Error message string
+    attr_reader :error_msg
+    # The last XML request sent by this object
+    attr_reader :request_xml
+    # The last XML response received by this object
+    attr_reader :response_xml
+    # Session ID of this connection
+    attr_reader :session_id
+    # The hostname or IP Address of the NSC
+    attr_reader :host
+    # The port of the NSC (default is 3780)
+    attr_reader :port
+    # The username used to login to the NSC
+    attr_reader :username
+    # The password used to login to the NSC
+    attr_reader :password
+    # The URL for communication
+    attr_reader :url
+
+    # Constructor for Connection
+    def initialize(ip, user, pass, port = 3780, silo_id = nil)
+      @host = ip
+      @port = port
+      @username = user
+      @password = pass
+      @silo_id = silo_id
+      @session_id = nil
+      @error = false
+      @url = "https://#{@host}:#{@port}/api/API_VERSION/xml"
+    end
+
+    # Establish a new connection and Session ID
+    def login
+      begin
+        login_hash = {'sync-id' => 0, 'password' => @password, 'user-id' => @username}
+        unless @silo_id.nil?
+          login_hash['silo-id'] = @silo_id
+        end
+        r = execute(make_xml('LoginRequest', login_hash))
+      rescue APIError
+        raise AuthenticationFailed.new(r)
+      end
+      if (r.success)
+        @session_id = r.sid
+        true
+      end
+    end
+
+    # Logout of the current connection
+    def logout
+      r = execute(make_xml('LogoutRequest', {'sync-id' => 0}))
+      if (r.success)
+        return true
+      end
+      raise APIError.new(r, 'Logout failed')
+    end
+
+    # Execute an API request
+    def execute(xml, version = '1.1')
+      @api_version = version
+      APIRequest.execute(@url, xml.to_s, @api_version)
+    end
+
+    # Download a specific URL, typically a report.
+    # Include an optional file_name parameter to write the output to a file.
+    #
+    # Note: XML and HTML reports have charts not downloaded by this method.
+    #       Would need to do something more sophisticated to grab
+    #       all the associated image files.
+    def download(url, file_name = nil)
+      return nil if url.nil? or url.empty?
+      uri = URI.parse(url)
+      http = Net::HTTP.new(@host, @port)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE # XXX: security issue
+      headers = {'Cookie' => "nexposeCCSessionID=#{@session_id}"}
+      resp = http.get(uri.path, headers)
+
+      if file_name
+        File.open(file_name, 'w') { |file| file.write(resp.body) }
+      else
+        resp.body
+      end
+    end
+  end
+end

data/lib/nexpose/creds.rb

@@ -1,279 +1,292 @@
-module Nexpose
-  # === Description
-  # Object that represents administrative credentials to be used
-  # during a scan. When retrived from an existing site configuration
-  # the credentials will be returned as a security blob and can only
-  # be passed back as is during a Site Save operation. This object
-  # can only be used to create a new set of credentials.
-  #
-  class AdminCredentials
-    include XMLUtils
-
-    # Security blob for an existing set of credentials
-    attr_reader :securityblob
-    # Designates if this object contains user defined credentials or a security blob
-    attr_reader :isblob
-    # The service for these credentials. Can be All.
-    attr_reader :service
-    # The host for these credentials. Can be Any.
-    attr_reader :host
-    # The port on which to use these credentials.
-    attr_reader :port
-    # The user id or username
-    attr_reader :userid
-    # The password
-    attr_reader :password
-    # The realm for these credentials
-    attr_reader :realm
-    # When using httpheaders, this represents the set of headers to pass
-    # with the authentication request.
-    attr_reader :headers
-    # When using htmlforms, this represents the tho form to pass the
-    # authentication request to.
-    attr_reader :html_forms
-
-    def initialize(isblob = false)
-      @isblob = isblob
-    end
-
-    # Sets the credentials information for this object.
-    def set_credentials(service, host, port, userid, password, realm)
-      @isblob = false
-      @securityblob = nil
-      @service = service
-      @host = host
-      @port = port
-      @userid = userid
-      @password = password
-      @realm = realm
-    end
-
-    # TODO: add description
-    def set_service(service)
-      @service = service
-    end
-
-    def set_host(host)
-      @host = host
-    end
-
-    # TODO: add description
-    def set_blob(securityblob)
-      @isblob = true
-      @securityblob = securityblob
-    end
-
-    # Add Headers to credentials for httpheaders.
-    def set_headers(headers)
-      @headers = headers
-    end
-
-    def set_html_forms(html_forms)
-      @html_forms = html_forms
-    end
-
-    def to_xml
-      to_xml_elem.to_s
-    end
-
-    def to_xml_elem
-      attributes = {}
-
-      attributes['service'] = @service
-      attributes['userid'] = @userid
-      attributes['password'] = @password
-      attributes['realm'] = @realm
-      attributes['host'] = @host
-      attributes['port'] = @port
-
-      data = isblob ? securityblob : ''
-      xml = make_xml('adminCredentials', attributes, data)
-      xml.add_element(@headers.to_xml_elem) if @headers
-      xml.add_element(@html_forms.to_xml_elem) if @html_forms
-      xml
-    end
-  end
-
-  # Object that represents Header name-value pairs, associated with Web Session Authentication.
-  class Header
-    include XMLUtils
-    # Name, one per Header
-    attr_reader :name
-    # Value, one per Header
-    attr_reader :value
-
-    # Construct with name value pair
-    def initialize(name, value)
-      @name = name
-      @value = value
-    end
-
-    def to_xml_elem
-      attributes = {}
-      attributes['name'] = @name
-      attributes['value'] = @value
-
-      make_xml('Header', attributes)
-    end
-  end
-
-  # Object that represents Headers, associated with Web Session Authentication.
-  class Headers
-    include XMLUtils
-    # A regular expression used to match against the response to identify authentication failures.
-    attr_reader :soft403
-    # Base URL of the application for which the form authentication applies.
-    attr_reader :webapproot
-    # When using httpheaders, this represents the set of headers to pass with the authentication request.
-    attr_reader :headers
-
-    def initialize(webapproot, soft403)
-      @headers = []
-      @webapproot = webapproot
-      @soft403 = soft403
-    end
-
-    def add_header(header)
-      @headers.push(header)
-    end
-
-    def to_xml_elem
-      attributes = {}
-      attributes['webapproot'] = @webapproot
-      attributes['soft403'] = @soft403
-
-      xml = make_xml('Headers', attributes)
-      @headers.each do |header|
-        xml.add_element(header.to_xml_elem)
-      end
-      xml
-    end
-
-  end
-
-  # When using htmlform, this represents the login form information.
-  class Field
-    include XMLUtils
-    # The name of the HTML field (form parameter).
-    attr_reader :name
-    # The value of the HTML field (form parameter).
-    attr_reader :value
-    # The type of the HTML field (form parameter).
-    attr_reader :type
-    # Is the HTML field (form parameter) dynamically generated? If so,
-    # the login page is requested and the value of the field is extracted
-    # from the response.
-    attr_reader :dynamic
-    # If the HTML field (form parameter) is a radio button, checkbox or select
-    # field, this flag determines if the field should be checked (selected).
-    attr_reader :checked
-
-    def initialize(name, value, type, dynamic, checked)
-      @name = name
-      @value = value
-      @type = type
-      @dynamic = dynamic
-      @checked = checked
-    end
-
-    def to_xml_elem
-      attributes = {}
-      attributes['name'] = @name
-      attributes['value'] = @value
-      attributes['type'] = @type
-      attributes['dynamic'] = @dynamic
-      attributes['checked'] = @checked
-
-      make_xml('Field', attributes)
-    end
-  end
-
-  # When using htmlform, this represents the login form information.
-  class HTMLForm
-    include XMLUtils
-    # The name of the form being submitted.
-    attr_reader :name
-    # The HTTP action (URL) through which to submit the login form.
-    attr_reader :action
-    # The HTTP request method with which to submit the form.
-    attr_reader :method
-    # The HTTP encoding type with which to submit the form.
-    attr_reader :enctype
-    # The fields in the HTML Form
-    attr_reader :fields
-
-    def initialize(name, action, method, enctype)
-      @name = name
-      @action = action
-      @method = method
-      @enctype = enctype
-      @fields = []
-    end
-
-    def add_field(field)
-      @fields << field
-    end
-
-    def to_xml_elem
-      attributes = {}
-      attributes['name'] = @name
-      attributes['action'] = @action
-      attributes['method'] = @method
-      attributes['enctype'] = @enctype
-
-      xml = make_xml('HTMLForm', attributes)
-
-      fields.each() do |field|
-        xml.add_element(field.to_xml_elem)
-      end
-
-      xml
-    end
-
-  end
-
-  # When using htmlform, this represents the login form information.
-  class HTMLForms
-    include XMLUtils
-    # The URL of the login page containing the login form.
-    attr_reader :parentpage
-    # A regular expression used to match against the response to identify
-    # authentication failures.
-    attr_reader :soft403
-    # Base URL of the application for which the form authentication applies.
-    attr_reader :webapproot
-    # The forms to authenticate with
-    attr_reader :html_forms
-
-    def initialize(parentpage, soft403, webapproot)
-      @parentpage = parentpage
-      @soft403 = soft403
-      @webapproot = webapproot
-      @html_forms = []
-    end
-
-    def add_html_form(html_form)
-      @html_forms << html_form
-    end
-
-    def to_xml_elem
-      attributes = {}
-      attributes['parentpage'] = @parentpage
-      attributes['soft403'] = @soft403
-      attributes['webapproot'] = @webapproot
-
-      xml = make_xml('HTMLForms', attributes)
-
-      html_forms.each() do |html_form|
-        xml.add_element(html_form.to_xml_elem)
-      end
-      xml
-    end
-
-  end
-
-  # When using ssh-key, this represents the PEM-format keypair information.
-  class PEMKey
-    # TODO
-  end
-end
+module Nexpose
+
+  # Object that represents administrative credentials to be used
+  # during a scan. When retrieved from an existing site configuration
+  # the credentials will be returned as a security blob and can only
+  # be passed back as is during a Site Save operation. This object
+  # can only be used to create a new set of credentials.
+  class AdminCredentials
+    include XMLUtils
+
+    # Security blob for an existing set of credentials
+    attr_reader :securityblob
+    # Designates if this object contains user defined credentials or a security blob
+    attr_reader :isblob
+    # The service for these credentials. Can be All.
+    attr_reader :service
+    # The host for these credentials. Can be Any.
+    attr_reader :host
+    # The port on which to use these credentials.
+    attr_reader :port
+    # The user id or username
+    attr_reader :userid
+    # The password
+    attr_reader :password
+    # The realm for these credentials
+    attr_reader :realm
+    # When using httpheaders, this represents the set of headers to pass
+    # with the authentication request.
+    attr_reader :headers
+    # When using htmlforms, this represents the tho form to pass the
+    # authentication request to.
+    attr_reader :html_forms
+
+    def initialize(isblob = false)
+      @isblob = isblob
+    end
+
+    # Sets the credentials information for this object.
+    def set_credentials(service, host, port, userid, password, realm)
+      @isblob = false
+      @securityblob = nil
+      @service = service
+      @host = host
+      @port = port
+      @userid = userid
+      @password = password
+      @realm = realm
+    end
+
+    # TODO: add description
+    def set_service(service)
+      @service = service
+    end
+
+    def set_host(host)
+      @host = host
+    end
+
+    # TODO: add description
+    def set_blob(securityblob)
+      @isblob = true
+      @securityblob = securityblob
+    end
+
+    # Add Headers to credentials for httpheaders.
+    def set_headers(headers)
+      @headers = headers
+    end
+
+    def set_html_forms(html_forms)
+      @html_forms = html_forms
+    end
+
+    def to_xml
+      to_xml_elem.to_s
+    end
+
+    def to_xml_elem
+      attributes = {}
+
+      attributes['service'] = @service
+      attributes['userid'] = @userid
+      attributes['password'] = @password
+      attributes['realm'] = @realm
+      attributes['host'] = @host
+      attributes['port'] = @port
+
+      data = isblob ? securityblob : ''
+      xml = make_xml('adminCredentials', attributes, data)
+      xml.add_element(@headers.to_xml_elem) if @headers
+      xml.add_element(@html_forms.to_xml_elem) if @html_forms
+      xml
+    end
+
+    include Comparable
+
+    def <=>(other)
+      to_xml <=> other.to_xml
+    end
+
+    def eql?(other)
+      to_xml == other.to_xml
+    end
+
+    def hash
+      to_xml.hash
+    end
+  end
+
+  # Object that represents Header name-value pairs, associated with Web Session Authentication.
+  class Header
+    include XMLUtils
+    # Name, one per Header
+    attr_reader :name
+    # Value, one per Header
+    attr_reader :value
+
+    # Construct with name value pair
+    def initialize(name, value)
+      @name = name
+      @value = value
+    end
+
+    def to_xml_elem
+      attributes = {}
+      attributes['name'] = @name
+      attributes['value'] = @value
+
+      make_xml('Header', attributes)
+    end
+  end
+
+  # Object that represents Headers, associated with Web Session Authentication.
+  class Headers
+    include XMLUtils
+    # A regular expression used to match against the response to identify authentication failures.
+    attr_reader :soft403
+    # Base URL of the application for which the form authentication applies.
+    attr_reader :webapproot
+    # When using httpheaders, this represents the set of headers to pass with the authentication request.
+    attr_reader :headers
+
+    def initialize(webapproot, soft403)
+      @headers = []
+      @webapproot = webapproot
+      @soft403 = soft403
+    end
+
+    def add_header(header)
+      @headers.push(header)
+    end
+
+    def to_xml_elem
+      attributes = {}
+      attributes['webapproot'] = @webapproot
+      attributes['soft403'] = @soft403
+
+      xml = make_xml('Headers', attributes)
+      @headers.each do |header|
+        xml.add_element(header.to_xml_elem)
+      end
+      xml
+    end
+
+  end
+
+  # When using htmlform, this represents the login form information.
+  class Field
+    include XMLUtils
+    # The name of the HTML field (form parameter).
+    attr_reader :name
+    # The value of the HTML field (form parameter).
+    attr_reader :value
+    # The type of the HTML field (form parameter).
+    attr_reader :type
+    # Is the HTML field (form parameter) dynamically generated? If so,
+    # the login page is requested and the value of the field is extracted
+    # from the response.
+    attr_reader :dynamic
+    # If the HTML field (form parameter) is a radio button, checkbox or select
+    # field, this flag determines if the field should be checked (selected).
+    attr_reader :checked
+
+    def initialize(name, value, type, dynamic, checked)
+      @name = name
+      @value = value
+      @type = type
+      @dynamic = dynamic
+      @checked = checked
+    end
+
+    def to_xml_elem
+      attributes = {}
+      attributes['name'] = @name
+      attributes['value'] = @value
+      attributes['type'] = @type
+      attributes['dynamic'] = @dynamic
+      attributes['checked'] = @checked
+
+      make_xml('Field', attributes)
+    end
+  end
+
+  # When using htmlform, this represents the login form information.
+  class HTMLForm
+    include XMLUtils
+    # The name of the form being submitted.
+    attr_reader :name
+    # The HTTP action (URL) through which to submit the login form.
+    attr_reader :action
+    # The HTTP request method with which to submit the form.
+    attr_reader :method
+    # The HTTP encoding type with which to submit the form.
+    attr_reader :enctype
+    # The fields in the HTML Form
+    attr_reader :fields
+
+    def initialize(name, action, method, enctype)
+      @name = name
+      @action = action
+      @method = method
+      @enctype = enctype
+      @fields = []
+    end
+
+    def add_field(field)
+      @fields << field
+    end
+
+    def to_xml_elem
+      attributes = {}
+      attributes['name'] = @name
+      attributes['action'] = @action
+      attributes['method'] = @method
+      attributes['enctype'] = @enctype
+
+      xml = make_xml('HTMLForm', attributes)
+
+      fields.each() do |field|
+        xml.add_element(field.to_xml_elem)
+      end
+
+      xml
+    end
+
+  end
+
+  # When using htmlform, this represents the login form information.
+  class HTMLForms
+    include XMLUtils
+    # The URL of the login page containing the login form.
+    attr_reader :parentpage
+    # A regular expression used to match against the response to identify
+    # authentication failures.
+    attr_reader :soft403
+    # Base URL of the application for which the form authentication applies.
+    attr_reader :webapproot
+    # The forms to authenticate with
+    attr_reader :html_forms
+
+    def initialize(parentpage, soft403, webapproot)
+      @parentpage = parentpage
+      @soft403 = soft403
+      @webapproot = webapproot
+      @html_forms = []
+    end
+
+    def add_html_form(html_form)
+      @html_forms << html_form
+    end
+
+    def to_xml_elem
+      attributes = {}
+      attributes['parentpage'] = @parentpage
+      attributes['soft403'] = @soft403
+      attributes['webapproot'] = @webapproot
+
+      xml = make_xml('HTMLForms', attributes)
+
+      html_forms.each() do |html_form|
+        xml.add_element(html_form.to_xml_elem)
+      end
+      xml
+    end
+
+  end
+
+  # When using ssh-key, this represents the PEM-format keypair information.
+  class PEMKey
+    # TODO
+  end
+end