001    package org.apache.archiva.security;
002    
003    /*
004     * Licensed to the Apache Software Foundation (ASF) under one
005     * or more contributor license agreements.  See the NOTICE file
006     * distributed with this work for additional information
007     * regarding copyright ownership.  The ASF licenses this file
008     * to you under the Apache License, Version 2.0 (the
009     * "License"); you may not use this file except in compliance
010     * with the License.  You may obtain a copy of the License at
011     *
012     *  http://www.apache.org/licenses/LICENSE-2.0
013     *
014     * Unless required by applicable law or agreed to in writing,
015     * software distributed under the License is distributed on an
016     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017     * KIND, either express or implied.  See the License for the
018     * specific language governing permissions and limitations
019     * under the License.
020     */
021    
022    import javax.servlet.http.HttpServletRequest;
023    
024    import org.apache.archiva.redback.authentication.AuthenticationException;
025    import org.apache.archiva.redback.authentication.AuthenticationResult;
026    import org.apache.archiva.redback.authorization.AuthorizationException;
027    import org.apache.archiva.redback.authorization.UnauthorizedException;
028    import org.apache.archiva.redback.policy.AccountLockedException;
029    import org.apache.archiva.redback.policy.MustChangePasswordException;
030    import org.apache.archiva.redback.system.SecuritySession;
031    
032    /**
033     * Servlet-layer contract for deciding whether a request is authenticated and whether a user or
        * principal is authorized for a permission on a repository.
        * <p>
        * The boolean results and the declared exceptions are two separate failure channels. This interface
        * does not state which one an implementation uses to signal a denial, so callers should treat both a
        * {@code false} return and a thrown exception as "access not granted".
034     */
035    public interface ServletAuthenticator
036    {
037        /**
038         * Authentication check for users: decides whether the given request counts as authenticated.
039         *
040         * @param request the HTTP request under evaluation
041         * @param result the authentication result to evaluate; presumably produced by an earlier credential
            *        check on the same request — confirm against callers
042         * @return {@code true} when the request is considered authenticated (inferred from the method name —
            *         TODO confirm whether {@code false} is ever returned instead of an exception)
043         * @throws AuthenticationException presumably when authentication fails — confirm against implementations
044         * @throws AccountLockedException presumably when the account is locked (inferred from the type name)
045         * @throws MustChangePasswordException presumably when the user must change the password before being
            *         granted access (inferred from the type name)
046         */
047        boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result )
048            throws AuthenticationException, AccountLockedException, MustChangePasswordException;
049    
050        /**
051         * Authorization check for valid users: decides whether the user behind the given security session
            * may act on a repository under the given permission.
052         *
053         * @param request the HTTP request being authorized
054         * @param securitySession the security session of the user making the request
055         * @param repositoryId identifier of the repository being accessed (inferred from the name)
056         * @param permission the permission to check on the repository; NOTE(review): earlier Javadoc named this
            *        parameter isWriteRequest, so it presumably distinguishes read from write access — confirm
            *        the accepted values
057         * @return {@code true} when the user is authorized (inferred from the method name — TODO confirm)
058         * @throws AuthorizationException presumably when the authorization check itself cannot be completed —
            *         confirm against implementations
059         * @throws UnauthorizedException presumably when the user lacks the permission — confirm
060         */
061        boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId,
062            String permission ) throws AuthorizationException, UnauthorizedException;
063        
064        /**
065         * Authorization check specific to the guest user, which doesn't go through
066         * HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
067         * since no credentials are attached to the request.
            * <p>
            * NOTE(review): this overload receives only a principal name, with no request, session or credential
            * to back it, so nothing in the signature ties the name to the actual caller. Callers should
            * presumably pass the configured guest principal and never a name taken from request data —
            * confirm against the implementations.
068         *
069         * See also MRM-911
070         *
071         * @param principal name of the principal to check; per the description above, the guest user
072         * @param repoId identifier of the repository being accessed (inferred from the name)
073         * @param permission the permission to check for the principal on the repository; NOTE(review): earlier
            *        Javadoc named this parameter isWriteRequest, so it presumably distinguishes read from write
            *        access — confirm the accepted values
074         * @return {@code true} when the principal is authorized (inferred from the method name — TODO confirm)
075         * @throws UnauthorizedException presumably when the principal lacks the permission — confirm
076         */
077        boolean isAuthorized( String principal, String repoId, String permission )
078            throws UnauthorizedException;
079    }