Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
ServletAuthenticator |
|
| 1.0;1 |
1 | package org.apache.maven.archiva.security; | |
2 | ||
3 | /* | |
4 | * Licensed to the Apache Software Foundation (ASF) under one | |
5 | * or more contributor license agreements. See the NOTICE file | |
6 | * distributed with this work for additional information | |
7 | * regarding copyright ownership. The ASF licenses this file | |
8 | * to you under the Apache License, Version 2.0 (the | |
9 | * "License"); you may not use this file except in compliance | |
10 | * with the License. You may obtain a copy of the License at | |
11 | * | |
12 | * http://www.apache.org/licenses/LICENSE-2.0 | |
13 | * | |
14 | * Unless required by applicable law or agreed to in writing, | |
15 | * software distributed under the License is distributed on an | |
16 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
17 | * KIND, either express or implied. See the License for the | |
18 | * specific language governing permissions and limitations | |
19 | * under the License. | |
20 | */ | |
21 | ||
22 | import javax.servlet.http.HttpServletRequest; | |
23 | ||
24 | import org.codehaus.plexus.redback.authentication.AuthenticationException; | |
25 | import org.codehaus.plexus.redback.authentication.AuthenticationResult; | |
26 | import org.codehaus.plexus.redback.authorization.AuthorizationException; | |
27 | import org.codehaus.plexus.redback.authorization.UnauthorizedException; | |
28 | import org.codehaus.plexus.redback.policy.AccountLockedException; | |
29 | import org.codehaus.plexus.redback.policy.MustChangePasswordException; | |
30 | import org.codehaus.plexus.redback.system.SecuritySession; | |
31 | ||
32 | /** | |
33 | * @version | |
34 | */ | |
35 | public interface ServletAuthenticator | |
36 | { | |
37 | /** | |
38 | * Authentication check for users. | |
39 | * | |
40 | * @param request | |
41 | * @param result | |
42 | * @return | |
43 | * @throws AuthenticationException | |
44 | * @throws AccountLockedException | |
45 | * @throws MustChangePasswordException | |
46 | */ | |
47 | public boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result ) | |
48 | throws AuthenticationException, AccountLockedException, MustChangePasswordException; | |
49 | ||
50 | /** | |
51 | * Authorization check for valid users. | |
52 | * | |
53 | * @param request | |
54 | * @param securitySession | |
55 | * @param repositoryId | |
56 | * @param isWriteRequest | |
57 | * @return | |
58 | * @throws AuthorizationException | |
59 | * @throws UnauthorizedException | |
60 | */ | |
61 | public boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId, | |
62 | String permission ) throws AuthorizationException, UnauthorizedException; | |
63 | ||
64 | /** | |
65 | * Authorization check specific for user guest, which doesn't go through | |
66 | * HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response ) | |
67 | * since no credentials are attached to the request. | |
68 | * | |
69 | * See also MRM-911 | |
70 | * | |
71 | * @param principal | |
72 | * @param repoId | |
73 | * @param isWriteRequest | |
74 | * @return | |
75 | * @throws UnauthorizedException | |
76 | */ | |
77 | public boolean isAuthorized( String principal, String repoId, String permission ) | |
78 | throws UnauthorizedException; | |
79 | } |