org.mortbay.http
Interface UserRealm
All Known Implementing Classes: HashUserRealm, JAASUserRealm, JDBCUserRealm
public interface UserRealm
User Realm.
This interface should be specialized to provide specific user
lookup and authentication using arbitrary methods.
For SSO, implementations of UserRealm should also implement SSORealm.
$Id: UserRealm.java,v 1.15 2005/03/15 10:03:40 gregwilkins Exp $
Principal | authenticate(String username, Object credentials, HttpRequest request) - Authenticate a user's credentials.
void | disassociate(Principal user) - Disassociate the calling context from a Principal.
String | getName()
Principal | getPrincipal(String username) - Get the principal for a username.
boolean | isUserInRole(Principal user, String role) - Check if the user is in a role.
void | logout(Principal user) - Log out a user Principal.
Principal | popRole(Principal user) - Pop role from a Principal.
Principal | pushRole(Principal user, String role) - Push role onto a Principal.
boolean | reauthenticate(Principal user) - Re-authenticate a Principal.
authenticate
public Principal authenticate(String username, Object credentials, HttpRequest request)
Authenticate a user's credentials.
Implementations of this method may adorn the calling context to
associate it with the authenticated principal (eg ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
Parameters:
username - The username.
credentials - The user credentials, normally a String password.
request - The request to be authenticated. Additional
parameters may be extracted or set on this request as needed
for the authentication mechanism (none required for BASIC and
FORM authentication).
Returns:
The authenticated UserPrincipal.
disassociate
public void disassociate(Principal user)
Disassociate the calling context from a Principal.
This method is called when the calling context is no longer
associated with the Principal. It should be used by an implementation
to remove context associations such as ThreadLocals.
The UserPrincipal object remains authenticated, as it may be
associated with other contexts.
Parameters:
user - A UserPrincipal allocated from this realm.
getName
public String getName()
getPrincipal
public Principal getPrincipal(String username)
Get the principal for a username.
This method is not guaranteed to return a Principal for non-authenticated users.
isUserInRole
public boolean isUserInRole(Principal user, String role)
Check if the user is in a role.
Returns:
True if the user can act in that role.
logout
public void logout(Principal user)
Log out a user Principal.
Called by authentication mechanisms (eg FORM) that can detect logout.
Parameters:
user - A Principal previously returned from this realm.
popRole
public Principal popRole(Principal user)
Pop role from a Principal.
Parameters:
user - A UserPrincipal previously returned from pushRole.
Returns:
The principal without the role. Most often this will be the
original UserPrincipal passed.
pushRole
public Principal pushRole(Principal user, String role)
Push role onto a Principal.
This method is used to add a role to an existing principal.
Parameters:
user - An existing UserPrincipal or null for an anonymous user.
role - The role to add.
Returns:
A new UserPrincipal object that wraps the passed user, but
with the added role.
reauthenticate
public boolean reauthenticate(Principal user)
Re-authenticate a Principal.
Authenticate a principal that has previously been returned from the authenticate method.
Implementations of this method may adorn the calling context to
associate it with the authenticated principal (eg ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
Returns:
True if this user is still authenticated.
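The context-association contract described for authenticate, disassociate and reauthenticate, together with the pushRole/popRole wrapping, as an added example that is not Jetty's own code. DemoRealm, User, addUser, the "anonymous" name and returning null on a failed authentication are assumptions made for illustration, and the class compiles only against the Jetty release that ships org.mortbay.http.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import org.mortbay.http.*;
// Hypothetical in-memory realm (added example, not Jetty code); needs the Jetty jar to compile.
public class DemoRealm implements UserRealm {
    static final class User implements Principal {
        final String name; final byte[] digest; final Set<String> roles; final Principal wrapped;
        User(String n, byte[] d, Set<String> r, Principal w) { name = n; digest = d; roles = r; wrapped = w; }
        public String getName() { return name; }
    }
    private static final ThreadLocal<Principal> CURRENT = new ThreadLocal<Principal>();
    // Constructed demo store: digest = SHA-256(password); use a salted, slow KDF in production.
    private final Map<String, User> users = new HashMap<String, User>();
    private final Set<Principal> live = Collections.synchronizedSet(new HashSet<Principal>());
    public void addUser(String name, String password, String... roles) {
        users.put(name, new User(name, sha256(password), new HashSet<String>(Arrays.asList(roles)), null));
    }
    private static byte[] sha256(String s) {
        try { return MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8)); }
        catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
    public String getName() { return "DemoRealm"; }
    public Principal getPrincipal(String username) { return users.get(username); }
    public Principal authenticate(String username, Object credentials, HttpRequest request) {
        if (credentials == null) return null;            // assumption: null signals failure
        User u = users.get(username);
        byte[] given = sha256(credentials.toString());   // hashed even for unknown users
        if (u == null || !MessageDigest.isEqual(u.digest, given)) return null;
        live.add(u);
        CURRENT.set(u);                                  // adorn the calling thread
        return u;
    }
    public boolean reauthenticate(Principal user) {
        if (!live.contains(user)) return false;          // logged out since authenticate()
        CURRENT.set(user);
        return true;
    }
    public void disassociate(Principal user) { CURRENT.remove(); }  // user stays authenticated
    public void logout(Principal user) { live.remove(user); CURRENT.remove(); }
    public boolean isUserInRole(Principal user, String role) {
        return user instanceof User && ((User) user).roles.contains(role);
    }
    public Principal pushRole(Principal user, String role) {       // wraps, never mutates
        Set<String> roles = new HashSet<String>();
        if (user instanceof User) roles.addAll(((User) user).roles);
        roles.add(role);
        return new User(user == null ? "anonymous" : user.getName(), null, roles, user);
    }
    public Principal popRole(Principal user) { return user instanceof User ? ((User) user).wrapped : user; }
}
```

Clearing the ThreadLocal in disassociate matters on pooled request threads: a stale association would otherwise carry one user's principal into the next request served by the same thread.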
Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.