org.apache.archiva.security
Interface ServletAuthenticator

All Known Implementing Classes:
ArchivaServletAuthenticator

public interface ServletAuthenticator

Version:

Method Summary
 boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, org.apache.archiva.redback.authentication.AuthenticationResult result)
          Authentication check for users.
 boolean isAuthorized(javax.servlet.http.HttpServletRequest request, org.apache.archiva.redback.system.SecuritySession securitySession, String repositoryId, String permission)
          Authorization check for valid users.
 boolean isAuthorized(String principal, String repoId, String permission)
          Authorization check specific for user guest, which doesn't go through HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response ) since no credentials are attached to the request.
 

Method Detail

isAuthenticated

boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                        org.apache.archiva.redback.authentication.AuthenticationResult result)
                        throws org.apache.archiva.redback.authentication.AuthenticationException,
                               org.apache.archiva.redback.policy.AccountLockedException,
                               org.apache.archiva.redback.policy.MustChangePasswordException
Authentication check for users.

Parameters:
request -
result -
Returns:
Throws:
org.apache.archiva.redback.authentication.AuthenticationException
org.apache.archiva.redback.policy.AccountLockedException
org.apache.archiva.redback.policy.MustChangePasswordException

isAuthorized

boolean isAuthorized(javax.servlet.http.HttpServletRequest request,
                     org.apache.archiva.redback.system.SecuritySession securitySession,
                     String repositoryId,
                     String permission)
                     throws org.apache.archiva.redback.authorization.AuthorizationException,
                            org.apache.archiva.redback.authorization.UnauthorizedException
Authorization check for valid users.

Parameters:
request -
securitySession -
repositoryId -
isWriteRequest -
Returns:
Throws:
org.apache.archiva.redback.authorization.AuthorizationException
org.apache.archiva.redback.authorization.UnauthorizedException

isAuthorized

boolean isAuthorized(String principal,
                     String repoId,
                     String permission)
                     throws org.apache.archiva.redback.authorization.UnauthorizedException
Authorization check specific for user guest, which doesn't go through HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response ) since no credentials are attached to the request. See also MRM-911

Parameters:
principal -
repoId -
isWriteRequest -
Returns:
Throws:
org.apache.archiva.redback.authorization.UnauthorizedException


Copyright © 2006-2013 The Apache Software Foundation. All Rights Reserved.