View Javadoc

1   package com.atlassian.sal.api.auth;
2   
3   import javax.servlet.http.HttpServletRequest;
4   import java.security.Principal;
5   
6   /**
7    * Allows the host application to communicate about when authentication should be performed
8    * and users allowed to login.
9    *
10   * @since 2.0
11   */
12  public interface AuthenticationController {
13      /**
14       * Check whether or not authentication should be tried. Typically this will return
15       * {@code true} if the current principal is not already authenticated.
16       *
17       * @param request the current {@link HttpServletRequest}
18       * @return {@code true} if authentication should be tried, {@code false} otherwise.
19       */
20      boolean shouldAttemptAuthentication(HttpServletRequest request);
21  
22      /**
23       * Check whether the given principal can log into the application for the current request.
24       *
25       * @param principal the identified principal
26       * @param request   the current {@link HttpServletRequest}
27       * @return {@code true} if the principal is allowed to login for the given request, {@code false}
28       * otherwise.
29       */
30      boolean canLogin(Principal principal, HttpServletRequest request);
31  }