org.mortbay.http
Interface UserRealm
public interface UserRealm
User Realm.
This interface should be specialized to provide specific user
lookup and authentication using arbitrary methods.
For SSO, implementations of UserRealm should also implement SSORealm.
Version: $Id: UserRealm.java,v 1.16 2006/02/28 12:45:01 gregwilkins Exp $
Author: Greg Wilkins (gregw)
See Also: SSORealm
Method Summary
Principal | authenticate(String username, Object credentials, HttpRequest request) | Authenticate a user's credentials.
void | disassociate(Principal user) | Disassociate the calling context from a Principal.
String | getName() |
Principal | getPrincipal(String username) | Get the principal for a username.
boolean | isUserInRole(Principal user, String role) | Check if the user is in a role.
void | logout(Principal user) | Log out a user Principal.
Principal | popRole(Principal user) | Pop role from a Principal.
Principal | pushRole(Principal user, String role) | Push role onto a Principal.
boolean | reauthenticate(Principal user) | Re-authenticate a Principal.
public Principal authenticate(String username, Object credentials, HttpRequest request)
Authenticate a user's credentials.
Implementations of this method may adorn the calling context to
associate it with the authenticated principal (e.g. ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
Parameters:
  username - The username.
  credentials - The user credentials, normally a String password.
  request - The request to be authenticated. Additional
  parameters may be extracted or set on this request as needed
  for the authentication mechanism (none required for BASIC and
  FORM authentication).
Returns: The authenticated UserPrincipal.
public void disassociate(Principal user)
Disassociate the calling context from a Principal.
This method is called when the calling context is no longer
associated with the Principal. It should be used by an implementation
to remove context associations such as ThreadLocals.
The UserPrincipal object remains authenticated, as it may be
associated with other contexts.
Parameters:
  user - A UserPrincipal allocated from this realm.
public String getName()
public Principal getPrincipal(String username)
Get the principal for a username.
This method is not guaranteed to return a Principal for non-authenticated users.
public boolean isUserInRole(Principal user, String role)
Check if the user is in a role.
Parameters:
  role - A role name.
Returns: True if the user can act in that role.
public void logout(Principal user)
Log out a user Principal.
Called by authentication mechanisms (e.g. FORM) that can detect logout.
Parameters:
  user - A Principal previously returned from this realm.
public Principal popRole(Principal user)
Pop role from a Principal.
Parameters:
  user - A UserPrincipal previously returned from pushRole.
Returns: The principal without the role. Most often this will be the
original UserPrincipal passed.
public Principal pushRole(Principal user, String role)
Push role onto a Principal.
This method is used to add a role to an existing principal.
Parameters:
  user - An existing UserPrincipal or null for an anonymous user.
  role - The role to add.
Returns: A new UserPrincipal object that wraps the passed user, but
with the added role.
public boolean reauthenticate(Principal user)
Re-authenticate a Principal.
Authenticate a principal that has previously been returned from the authenticate method.
Implementations of this method may adorn the calling context to
associate it with the authenticated principal (e.g. ThreadLocals). If
such context associations are made, they should be considered valid
until a UserRealm.deAuthenticate(UserPrincipal) call is made for this
UserPrincipal.
Returns: True if this user is still authenticated.
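The lifecycle described above (authenticate associates the calling thread, disassociate clears it without de-authenticating, logout invalidates the principal), shown as an added example that is not Jetty's own code. HashRealm, User, Pushed and addUser are hypothetical names; it assumes Java 8 or later with the Jetty jar that provides org.mortbay.http on the classpath.

```java
import java.security.*;
import java.util.*;
import org.mortbay.http.HttpRequest;
import org.mortbay.http.UserRealm;
// Added example, not Jetty code: HashRealm, User, Pushed and addUser are hypothetical names.
public class HashRealm implements UserRealm {
    static final class User implements Principal {
        final String name; final byte[] salt = new byte[16], hash; final Set<String> roles;
        volatile boolean valid;              // set by authenticate(), cleared by logout()
        User(String n, String pw, String... r) {
            name = n; new SecureRandom().nextBytes(salt); hash = pbkdf2(pw, salt);
            roles = new HashSet<>(Arrays.asList(r));
        }
        public String getName() { return name; }
    }
    static final class Pushed implements Principal {   // wrapper returned by pushRole()
        final Principal inner; final String role;
        Pushed(Principal p, String r) { inner = p; role = r; }
        public String getName() { return inner == null ? null : inner.getName(); }
    }
    private final Map<String, User> users = new HashMap<>();
    private final ThreadLocal<Principal> current = new ThreadLocal<>();  // the "calling context"
    public void addUser(String n, String pw, String... roles) { users.put(n, new User(n, pw, roles)); }
    static byte[] pbkdf2(String pw, byte[] salt) {     // only a salted, stretched hash is stored
        try {
            return javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(
                new javax.crypto.spec.PBEKeySpec(pw.toCharArray(), salt, 100_000, 256)).getEncoded();
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }
    public String getName() { return "HashRealm"; }
    public Principal getPrincipal(String username) { return users.get(username); }
    public Principal authenticate(String username, Object credentials, HttpRequest request) {
        User u = users.get(username);
        if (u == null || !(credentials instanceof String)) return null;
        // MessageDigest.isEqual compares in constant time
        if (!MessageDigest.isEqual(u.hash, pbkdf2((String) credentials, u.salt))) return null;
        u.valid = true; current.set(u); return u;      // associate this thread with the principal
    }
    public boolean reauthenticate(Principal p) {
        if (!(p instanceof User) || !((User) p).valid) return false;   // logged out or foreign principal
        current.set(p); return true;
    }
    public void disassociate(Principal p) { current.remove(); }        // principal stays authenticated
    public void logout(Principal p) { if (p instanceof User) ((User) p).valid = false; current.remove(); }
    public boolean isUserInRole(Principal p, String role) {
        if (p instanceof Pushed) return ((Pushed) p).role.equals(role) || isUserInRole(((Pushed) p).inner, role);
        return p instanceof User && ((User) p).valid && ((User) p).roles.contains(role);
    }
    public Principal pushRole(Principal p, String role) { return new Pushed(p, role); }
    public Principal popRole(Principal p) { return p instanceof Pushed ? ((Pushed) p).inner : p; }
}
```

After logout, reauthenticate returns false and isUserInRole denies every stored role for that principal, so a cached Principal cannot outlive the session that created it.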
Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.