1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.security;
18
19 import java.sql.Date;
20
21 import org.apache.jetspeed.security.spi.CredentialHandler;
22 import org.apache.jetspeed.security.spi.UserSecurityHandler;
23
24 /***
25 * <p>
26 * Proxy allowing to handle multiple authentication providers.
27 * </p>
28 *
29 * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
30 */
31 public interface AuthenticationProviderProxy extends UserSecurityHandler, CredentialHandler
32 {
33 /***
34 * <p>
35 * Returns the default authentication provider.
36 * </p>
37 *
38 * @return The default authentication provider.
39 */
40 String getDefaultAuthenticationProvider();
41
42 /***
43 * <p>
44 * Returns the authentication provider of a user principal.
45 * @param userName
46 * @return The authentication provider or null if user is unknown.
47 */
48 String getAuthenticationProvider(String userName);
49
50 /***
51 * <p>
52 * Adds a new user principal in a given authentication provider.
53 * </p>
54 *
55 * @param userPrincipal The new user principal.
56 * @param authenticationProvider The authentication provider name.
57 * @throws SecurityException Throws a security exception.
58 */
59 void addUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException;
60
61 /***
62 * <p>
63 * Updates user principal in a given authentication provider.
64 * </p>
65 *
66 * @param userPrincipal The user principal.
67 * @param authenticationProvider The authentication provider name.
68 * @throws SecurityException Throws a security exception.
69 */
70 void updateUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException;
71
72 /***
73 * <p>
74 * Remove user principal in a given authentication provider.
75 * </p>
76 *
77 * @param userPrincipal The user principal.
78 * @param authenticationProvider The authentication provider name.
79 * @throws SecurityException Throws a security exception.
80 */
81 void removeUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException;
82
83 /***
84 * <p>
85 * Adds or updates a private password credentialin a given authentication provider.<br>
86 * Note that there is no checking of the <code>oldPassword</code> and the provided password is
87 * assumed to be encoded. Hence no encoding will take place.
88 * </p>
89 *
90 * @param username The user to be updated.
91 * @param newPassword The new password.
92 * @throws SecurityException Throws a {@link SecurityException}.
93 */
94 void importPassword(String userName, String newPassword) throws SecurityException;
95
96
97
98 /***
99 * <p>
100 * Adds or updates a private password credentialin a given authentication provider.<br>
101 * Note that there is no checking of the <code>oldPassword</code> and the provided password is
102 * assumed to be encoded. Hence no encoding will take place.
103 * </p>
104 *
105 * @param username The user to be updated.
106 * @param newPassword The new password.
107 * @param authenticationProvider The authentication provider name.
108 * @throws SecurityException Throws a {@link SecurityException}.
109 */
110 void importPassword(String userName, String newPassword,String authenticationProvider) throws SecurityException;
111
112 /***
113 * <p>
114 * Adds or updates a private password credential in a given authentication provider.<br>
115 * If <code>oldPassword</code> is not null, the oldPassword will first be checked (authenticated).<br>
116 * </p>
117 *
118 * @param userName The name of the user to be updated.
119 * @param oldPassword The old password value.
120 * @param newPassword The new password value.
121 * @param authenticationProvider The authentication provider name.
122 * @throws SecurityException Throws a {@link SecurityException}.
123 */
124 void setPassword(String userName, String oldPassword, String newPassword,
125 String authenticationProvider) throws SecurityException;
126
127 /***
128 * <p>
129 * Set the update required state of the user password credential in a given authentication provider.
130 * </p>
131 *
132 * @param userName The user name.
133 * @param updateRequired The update required state.
134 * @param authenticationProvider The authentication provider name.
135 * @throws Throws a security exception.
136 */
137 void setPasswordUpdateRequired(String userName, boolean updateRequired,
138 String authenticationProvider) throws SecurityException;
139
140 /***
141 * <p>
142 * Set the enabled state of the user password credential in a given authentication provider.
143 * </p>
144 *
145 * @param userName The user name.
146 * @param enabled The enabled state.
147 * @param authenticationProvider The authentication provider name.
148 * @throws Throws a security exception.
149 */
150 void setPasswordEnabled(String userName, boolean enabled,
151 String authenticationProvider) throws SecurityException;
152
153 /***
154 * <p>
155 * Set the expiration date and the expired flag of the password credential in a given authentication provider</p>
156 * <p>
157 * If a date equal or before the current date is provided, the expired flag will be set to true,
158 * otherwise to false.</p>
159 *
160 * @param userName The user name.
161 * @param expirationDate The expiration date to set.
162 * @param authenticationProvider The authentication provider name.
163 * @throws Throws a security exception.
164 */
165 void setPasswordExpiration(String userName, Date expirationDate,
166 String authenticationProvider) throws SecurityException;
167
168 /***
169 * <p>
170 * Authenticate a user in a given authentication provider
171 * </p>
172 *
173 * @param userName The user name.
174 * @param password The user password.
175 * @param authenticationProvider The authentication provider name.
176 * @return Whether or not a user is authenticated.
177 */
178 boolean authenticate(String userName, String password, String authenticationProvider) throws SecurityException;
179 }