View Javadoc

1   package com.atlassian.sal.api.auth;
2   
3   import java.security.Principal;
4   
5   import javax.servlet.http.HttpServletRequest;
6   
7   /**
8    * Allows the host application to communicate about when authentication should be performed
9    * and users allowed to login.
10   *
11   * @since 2.0
12   */
13  public interface AuthenticationController
14  {
15      /**
16       * Check whether or not authentication should be tried. Typically this will return
17       * {@code true} if the current principal is not already authenticated.
18       *
19       * @param request the current {@link HttpServletRequest}
20       * @return {@code true} if authentication should be tried, {@code false} otherwise.
21       */
22      boolean shouldAttemptAuthentication(HttpServletRequest request);
23  
24      /**
25       * Check whether the given principal can log into the application for the current request.
26       *
27       * @param principal the identified principal
28       * @param request   the current {@link HttpServletRequest}
29       * @return {@code true} if the principal is allowed to login for the given request, {@code false}
30       *         otherwise.
31       */
32      boolean canLogin(Principal principal, HttpServletRequest request);
33  }