1   package com.atlassian.seraph.auth;
2   
3   import com.atlassian.seraph.Initable;
4   
5   import javax.servlet.http.HttpServletRequest;
6   import javax.servlet.http.HttpServletResponse;
7   import java.security.Principal;
8   
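/**
 * An Authenticator is used to authenticate users, log them in, log them out and check their roles.
 *
 * <p>Both {@code login} overloads distinguish a rejected attempt (return value {@code false}) from an
 * attempt that could not be evaluated ({@link AuthenticatorException}). Neither outcome means the user
 * is authenticated, so callers should grant access only on an explicit {@code true}.
 */
public interface Authenticator extends Initable
{
    /**
     * Fully qualified class name of the former default implementation.
     *
     * @deprecated DefaultAuthenticator is no longer a concrete class and there should be no reason to use this constant. Since v2.4.0
     */
    @Deprecated
    String DEFAULT_AUTHENTICATOR = "com.atlassian.seraph.auth.DefaultAuthenticator";

    /**
     * Shuts this authenticator down.
     *
     * NOTE(review): when this is called relative to the {@link Initable} lifecycle is not visible in
     * this file; confirm against the implementations.
     */
    void destroy();

    /**
     * Returns the name of the user associated with the given request.
     *
     * @param request the HttpServletRequest
     * @return the user name. NOTE(review): presumably {@code null} when the request carries no
     *         authenticated user; confirm, and treat such a result as unauthenticated.
     */
    String getRemoteUser(HttpServletRequest request);

    /**
     * Returns the user associated with the given request.
     *
     * @param request the HttpServletRequest
     * @return the user as a {@link Principal}. NOTE(review): presumably {@code null} when the request
     *         carries no authenticated user; confirm, and treat such a result as unauthenticated.
     */
    Principal getUser(HttpServletRequest request);

    /**
     * Returns the user associated with the given request, with the response also available to the
     * implementation.
     *
     * @param request  the HttpServletRequest
     * @param response the HttpServletResponse. NOTE(review): presumably passed so an implementation
     *                 can write to it while resolving the user; confirm.
     * @return the user as a {@link Principal}. NOTE(review): presumably {@code null} when the request
     *         carries no authenticated user; confirm, and treat such a result as unauthenticated.
     */
    Principal getUser(HttpServletRequest request, HttpServletResponse response);

    /**
     * Checks whether the user of the given request holds the given role.
     *
     * @param request the HttpServletRequest
     * @param role    the role to check
     * @return whether the user is in the role
     * @deprecated Use {@link RoleMapper} directly
     */
    @Deprecated
    boolean isUserInRole(HttpServletRequest request, String role);

    /**
     * Tries to authenticate a user.
     *
     * <p>This overload takes no {@code storeCookie} flag. NOTE(review): whether a remember me cookie
     * is set in that case is decided by the implementation; confirm.
     *
     * @param request             the HttpServletRequest
     * @param response            the HttpServletResponse
     * @param username            the user name to check against the password
     * @param password            the password to authenticate the user with; it arrives in clear text,
     *                            so implementations should keep it out of logs and exception messages
     * @return Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.
     *
     * @throws AuthenticatorException if an error occurs that stops the user from being authenticated (eg remote communication failure).
     *                                The user is not authenticated in this case either.
     */
    boolean login(HttpServletRequest request, HttpServletResponse response, String username, String password) throws AuthenticatorException;

    /**
     * Tries to authenticate a user.
     *
     * @param request             the HttpServletRequest
     * @param response            the HttpServletResponse
     * @param username            the user name to check against the password
     * @param password            the password to authenticate the user with; it arrives in clear text,
     *                            so implementations should keep it out of logs and exception messages
     * @param storeCookie         whether to set a remember me cookie on successful login
     * @return Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.
     *
     * @throws AuthenticatorException if an error occurs that stops the user from being authenticated (eg remote communication failure).
     *                                The user is not authenticated in this case either.
     */
    boolean login(HttpServletRequest request, HttpServletResponse response, String username, String password, boolean storeCookie) throws AuthenticatorException;

    /**
     * Logs the user of the given request out.
     *
     * @param request  the HttpServletRequest
     * @param response the HttpServletResponse
     * @return NOTE(review): the meaning of the result is not documented in this file, presumably
     *         whether the logout succeeded; confirm. A caller that ignores {@code false} may leave
     *         the user logged in.
     *
     * @throws AuthenticatorException NOTE(review): presumably if an error stops the logout from
     *                                completing; confirm.
     */
    boolean logout(HttpServletRequest request, HttpServletResponse response) throws AuthenticatorException;
}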