001: /*
002: * $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/auth/OnlineUserFactory.java,v 1.14 2007/10/09 11:09:12 lexuanttkhtn Exp $
003: * $Author: lexuanttkhtn $
004: * $Revision: 1.14 $
005: * $Date: 2007/10/09 11:09:12 $
006: *
007: * ====================================================================
008: *
009: * Copyright (C) 2002-2007 by MyVietnam.net
010: *
011: * All copyright notices regarding mvnForum MUST remain
012: * intact in the scripts and in the outputted HTML.
013: * The "powered by" text/logo with a link back to
014: * http://www.mvnForum.com and http://www.MyVietnam.net in
015: * the footer of the pages MUST remain visible when the pages
016: * are viewed on the internet or intranet.
017: *
018: * This program is free software; you can redistribute it and/or modify
019: * it under the terms of the GNU General Public License as published by
020: * the Free Software Foundation; either version 2 of the License, or
021: * any later version.
022: *
023: * This program is distributed in the hope that it will be useful,
024: * but WITHOUT ANY WARRANTY; without even the implied warranty of
025: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
026: * GNU General Public License for more details.
027: *
028: * You should have received a copy of the GNU General Public License
029: * along with this program; if not, write to the Free Software
030: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
031: *
032: * Support can be obtained from support forums at:
033: * http://www.mvnForum.com/mvnforum/index
034: *
035: * Correspondence and Marketing Questions can be sent to:
036: * info at MyVietnam net
037: *
038: * @author: Minh Nguyen
039: * @author: Mai Nguyen
040: */
041: package com.mvnforum.auth;
042:
043: import javax.servlet.http.HttpServletRequest;
044: import javax.servlet.http.HttpServletResponse;
045:
046: import net.myvietnam.mvncore.exception.DatabaseException;
047: import net.myvietnam.mvncore.web.GenericRequest;
048: import net.myvietnam.mvncore.web.GenericResponse;
049:
050: public interface OnlineUserFactory {
051:
052: /**
053: * Authenticate the user given its login and password (maybe in
054: * encrypted form) and returns some basic information about it.
055: * Optionally, some information can be stored in the request or
056: * session to track that the user has been logged.
057: *
058: * @param request useful to retrieve additional information to
059: * authenticate the user.
060: * @param response a <code>HttpServletResponse</code> value
061: * @param loginName a <code>String</code> value
062: * @param password a <code>String</code> value
063: * @param isEncodedPassword indicate if the password to validate is
064: * already encoded. Note that some backends may not support to
065: * validate against an encrypted password.
066: * @return an <code>OnlineUser</code> value
067: * @exception AuthenticationException if the pair login, password
068: * is not valid. Note that this method will call the
069: * {@link #validatePassword(String, String, boolean)}
070: * @exception DatabaseException if an error occurs
071: * @see #validatePassword(String, String, boolean)
072: */
073: public OnlineUser getAuthenticatedUser(HttpServletRequest request,
074: HttpServletResponse response, String loginName,
075: String password, boolean isEncodedPassword)
076: throws AuthenticationException, DatabaseException;
077:
078: public OnlineUser getAuthenticatedUser(GenericRequest request,
079: GenericResponse response, String loginName,
080: String password, boolean isEncodedPassword)
081: throws AuthenticationException, DatabaseException;
082:
083: /**
084: * This method is called after user have logined successfully.
085: * This method could be used to implement functions prepared for that user.
086: *
087: * @param request a <code>HttpServletRequest</code> value
088: * @param response a <code>HttpServletResponse</code> value
089: * @param onlineUser a <code>OnlineUser</code> that have justed been authenticated
090: */
091: public void postLogin(HttpServletRequest request,
092: HttpServletResponse response, OnlineUser onlineUser)
093: throws DatabaseException;
094:
095: /**
096: * <code>Logout</code> the user from the system.
097: *
098: * @param request a <code>HttpServletRequest</code> value
099: * @param response a <code>HttpServletResponse</code> value
100: */
101: public void logout(HttpServletRequest request,
102: HttpServletResponse response);
103:
104: /**
105: * <code>Logout</code> the user from the system.
106: *
107: * @param request a <code>GenericRequest</code> value
108: * @param response a <code>GenericResponse</code> value
109: */
110: public void logout(GenericRequest request, GenericResponse response);
111:
112: /**
113: * Validate if the given login password pair is valid, in that
114: * case <code>true</code> will be returned. If the password is not
115: * correct, <code>false</code> will be returned. If the user does
116: * not exist or in case of any error, an exception will be thrown.
117: *
118: * @param loginName a <code>String</code> value
119: * @param password a <code>String</code> value
120: * @param isEncodedPassword indicate if the password to validate is
121: * already encoded. Note that some backends may not support to
122: * validate against an encrypted password.
123: * @return a <code>boolean</code> value
124: * @exception AuthenticationException if an error occurs
125: */
126: public boolean validatePassword(String loginName, String password,
127: boolean isEncodedPassword) throws AuthenticationException;
128:
129: /**
130: * Ensure the login/password pair is correct.
131: * If password is correct, nothing happen. However, if the
132: * password is not correct, an AuthenticationException will be thrown
133: *
134: * @param loginName a <code>String</code> value
135: * @param password a <code>String</code> value
136: * @param isEncodedPassword indicate if the password to validate is
137: * already encoded. Note that some backends may not support to
138: * validate against an encrypted password.
139: * @exception AuthenticationException if an error occurs
140: */
141: public void ensureCorrectPassword(String loginName,
142: String password, boolean isEncodedPassword)
143: throws AuthenticationException;
144:
145: /**
146: * Get an encoded version of the user password. This can be
147: * useful to store that password in a cookie, for example. Note
148: * that not all backends will return encrypted passwords as this
149: * can be considered an insecure practice.
150: *
151: * @param loginName a <code>String</code> value
152: * @param password a <code>String</code> value
153: * @return the encoded password of the user or <code>null</code>
154: * if the backend does not support returning stored passwords.
155: */
156: public String getEncodedPassword(String loginName, String password);
157:
158: /**
159: * Get the anonymous user of the system. The request is used to
160: * check some parameters about the user, as its language.
161: *
162: * @param request a <code>HttpServletRequest</code> value
163: * @return an <code>OnlineUser</code> value
164: * @exception DatabaseException if an error occurs
165: */
166: public OnlineUser getAnonymousUser(HttpServletRequest request)
167: throws DatabaseException;
168:
169: public OnlineUser getAnonymousUser(GenericRequest request)
170: throws DatabaseException;
171: }
|