package com.atlassian.seraph.auth;

import com.atlassian.seraph.Initable;
import com.atlassian.seraph.service.rememberme.RememberMeToken;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.Principal;

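/**
 * An Authenticator is used to authenticate users, log them in, log them out and check their roles.
 *
 * <p>Contract points that matter to callers making security decisions:
 * <ul>
 *   <li>{@link #getRemoteUser(HttpServletRequest)} and both {@code getUser} overloads return {@code null}
 *       when no user has been authenticated for the request. Callers must check for {@code null} and treat
 *       it as "not authenticated" before making any access decision.</li>
 *   <li>Both {@code login} overloads return {@code false} only when the credentials were actually tested and
 *       rejected. A failure that prevents the check from being made is reported as an
 *       {@link AuthenticatorException}, so a caller must never treat that exception as a successful login.</li>
 * </ul>
 */
public interface Authenticator extends Initable
{
    /**
     * Fully qualified class name of the default authenticator.
     *
     * @deprecated DefaultAuthenticator is no longer a concrete class and there should be no reason to use this constant. Since v2.4.0
     */
    String DEFAULT_AUTHENTICATOR = "com.atlassian.seraph.auth.DefaultAuthenticator";

    /**
     * Lifecycle hook that takes no arguments and returns nothing.
     *
     * <p>NOTE(review): the contract is not stated in this interface. Presumably this is called when the
     * authenticator is taken out of service so that implementations can release what they hold; confirm
     * against the implementations.
     */
    void destroy();

    /**
     * Gets the username of the {@link Principal} authenticated for the given {@link HttpServletRequest}.
     *
     * @param request the request whose authenticated user is looked up
     * @return username or null if no user has been authenticated
     */
    String getRemoteUser(HttpServletRequest request);

    /**
     * Gets the {@link Principal} authenticated for the given {@link HttpServletRequest}.
     *
     * @param request the request whose authenticated user is looked up
     * @return principal or null if no user has been authenticated
     */
    Principal getUser(HttpServletRequest request);

    /**
     * Gets the {@link Principal} for the {@link HttpServletRequest}. The {@link RememberMeToken} will be
     * regenerated for the {@link HttpServletResponse} if the token is invalid.
     *
     * @param request the request whose authenticated user is looked up
     * @param response the response for which the remember-me token is regenerated when that is needed
     * @return principal or null if no user has been authenticated
     */
    Principal getUser(HttpServletRequest request, HttpServletResponse response);

    /**
     * Role check for the user of the given request.
     *
     * @param request the request whose user is checked
     * @param role the role to check for
     * @return NOTE(review): not specified here; presumably {@code true} when the request's user holds the
     *         role. Confirm against the implementations.
     * @deprecated Use {@link RoleMapper} directly
     */
    boolean isUserInRole(HttpServletRequest request, String role);

    /**
     * Tries to authenticate a user.
     *
     * <p>The password reaches the implementation in clear text. Implementations should keep it out of log
     * output and out of the message of any exception they throw.
     *
     * @param request the HttpServletRequest
     * @param response the HttpServletResponse
     * @param username the user name to check against the password
     * @param password the password to authenticate the user with
     * @return Whether the user was authenticated. This should only return false if we were able to actually
     *         test and fail the login attempt.
     *
     * @throws AuthenticatorException if an error occurs that stops the user from being authenticated (eg
     *         remote communication failure). The user is not authenticated in that case, and the exception
     *         says nothing about whether the password was right.
     */
    boolean login(HttpServletRequest request, HttpServletResponse response, String username, String password) throws AuthenticatorException;

    /**
     * Tries to authenticate a user.
     *
     * <p>The password reaches the implementation in clear text. Implementations should keep it out of log
     * output and out of the message of any exception they throw.
     *
     * @param request the HttpServletRequest
     * @param response the HttpServletResponse
     * @param username the user name to check against the password
     * @param password the password to authenticate the user with
     * @param storeCookie whether to set a remember me cookie on successful login. The cookie's lifetime and
     *        attributes are not defined by this interface; NOTE(review): check what the implementation in
     *        use sets before passing {@code true} by default.
     * @return Whether the user was authenticated. This should only return false if we were able to actually
     *         test and fail the login attempt.
     *
     * @throws AuthenticatorException if an error occurs that stops the user from being authenticated (eg
     *         remote communication failure). The user is not authenticated in that case, and the exception
     *         says nothing about whether the password was right.
     */
    boolean login(HttpServletRequest request, HttpServletResponse response, String username, String password, boolean storeCookie) throws AuthenticatorException;

    /**
     * Logs the user of the given request out.
     *
     * @param request the HttpServletRequest
     * @param response the HttpServletResponse
     * @return NOTE(review): the meaning of the result is not documented here; presumably {@code true} when
     *         the logout took effect. Callers that rely on the session being ended should confirm this
     *         against the implementation in use.
     * @throws AuthenticatorException NOTE(review): condition not documented here; presumably an error that
     *         stops the logout from being carried out.
     */
    boolean logout(HttpServletRequest request, HttpServletResponse response) throws AuthenticatorException;
}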