001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.sso;
018:
019: import java.util.Collection;
020: import java.util.Iterator;
021: import java.util.List;
022:
023: import javax.security.auth.Subject;
024:
/**
 * Utility component that handles single sign-on (SSO) requests: it manages
 * SSO sites, stores the remote credentials a portal principal uses on those
 * sites, and fetches content from a site on the principal's behalf.
 *
 * <p>Security note: several operations accept or return secrets (the
 * {@code pwd} parameters, the credentials carried by {@link SSOContext},
 * and the cookies returned by {@code getCookiesForUser}). This interface
 * declares no authorization checks of its own; presumably implementations
 * and callers enforce access control and keep these values out of logs.
 * Confirm against the implementation in use.</p>
 *
 * @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
 */
public interface SSOProvider {

    /**
     * Initializes the SSO provider component. According to the original
     * documentation this is called from the Spring Framework.
     *
     * @throws Exception if initialization fails
     */
    void init() throws Exception;

    /**
     * Authenticates against the given SSO site and then forwards the request
     * to the destination URL, returning the content as a string. If the SSO
     * site and the URL match, only one call is executed, because the
     * authentication is done while getting the result page.
     *
     * <p>NOTE(review): the contract does not say whether {@code url} is
     * checked against the registered site. Implementations that fetch a
     * caller-supplied URL using stored credentials should confirm the
     * destination is an expected one.</p>
     *
     * @param subject  the subject on whose behalf the request is made
     * @param url      the destination URL
     * @param SSOSite  the SSO site to authenticate against
     * @param bRefresh if true the proxy connection is refreshed; if false a
     *                 cached proxy is used
     * @return the content of the destination page
     * @throws SSOException if the SSO request fails
     */
    String useSSO(Subject subject, String url, String SSOSite, boolean bRefresh)
            throws SSOException;

    /**
     * Same as {@link #useSSO(Subject, String, String, boolean)}, except that
     * the user is authenticated against all SSO sites defined for the user
     * before going to the destination site.
     *
     * @param subject  the subject on whose behalf the request is made
     * @param url      the destination URL
     * @param bRefresh if true the proxy connection is refreshed; if false a
     *                 cached proxy is used
     * @return the content of the destination page
     * @throws SSOException if the SSO request fails
     */
    String useSSO(Subject subject, String url, boolean bRefresh) throws SSOException;

    /**
     * Retrieves the cookies for a user identified by the user's full path.
     *
     * @param fullPath the full path of the user
     * @return the user's cookies; the element type is not specified by this
     *         interface
     */
    Collection getCookiesForUser(String fullPath);

    /**
     * Retrieves the cookies for a user identified by a {@link Subject}.
     *
     * @param user the subject whose cookies are requested
     * @return the user's cookies; the element type is not specified by this
     *         interface
     */
    Collection getCookiesForUser(Subject user);

    // ---- Public API for SSO functionality ----

    /**
     * Checks for SSO credentials of a subject on a site.
     *
     * @param subject the subject to check
     * @param site    the site to check
     * @return presumably true when credentials are stored for the subject on
     *         the site; the exact contract is not spelled out here
     */
    boolean hasSSOCredentials(Subject subject, String site);

    /**
     * Returns the SSO context for a subject on a site.
     *
     * @param subject the subject whose credentials are requested
     * @param site    the site the credentials belong to
     * @return the {@link SSOContext} for the subject and site
     * @throws SSOException if the credentials cannot be obtained
     */
    SSOContext getCredentials(Subject subject, String site) throws SSOException;

    /**
     * Adds credentials for a subject on a site.
     *
     * <p>The password is passed as a {@code String}, so the caller cannot
     * clear it from memory after the call; avoid logging or echoing it.</p>
     *
     * @param subject    the subject the credentials are stored for
     * @param remoteUser the user name on the remote site
     * @param site       the site the credentials belong to
     * @param pwd        the password on the remote site
     * @throws SSOException if the credentials cannot be added
     */
    void addCredentialsForSite(Subject subject, String remoteUser, String site, String pwd)
            throws SSOException;

    /**
     * Updates the credentials of a subject on a site.
     *
     * @param subject    the subject the credentials are stored for
     * @param remoteUser the user name on the remote site
     * @param site       the site the credentials belong to
     * @param pwd        the password on the remote site; same handling
     *                   caveat as when adding credentials
     * @throws SSOException if the credentials cannot be updated
     */
    void updateCredentialsForSite(Subject subject, String remoteUser, String site, String pwd)
            throws SSOException;

    /**
     * Removes the credentials of a subject on a site.
     *
     * @param subject the subject whose credentials are removed
     * @param site    the site the credentials belong to
     * @throws SSOException if the credentials cannot be removed
     */
    void removeCredentialsForSite(Subject subject, String site) throws SSOException;

    /**
     * Returns a list of {@link SSOContext} objects, each containing the
     * portal principal, the remote principal, and the credentials. Because
     * the result carries credentials, treat it as sensitive.
     *
     * @param site the site whose principals are listed
     * @return list of SSOContext objects
     */
    List getPrincipalsForSite(SSOSite site);

    /**
     * Iterates over SSO sites selected by a filter.
     *
     * @param filter the filter to apply; its syntax is not specified by this
     *               interface
     * @return an iterator over the selected sites
     */
    Iterator getSites(String filter);

    /**
     * Looks up a site by its URL.
     *
     * @param siteUrl the URL of the site
     * @return the matching {@link SSOSite}; behaviour for an unknown URL is
     *         not specified here
     */
    SSOSite getSite(String siteUrl);

    /**
     * Updates an existing site.
     *
     * @param site the site to update
     * @throws SSOException if the site cannot be updated
     */
    void updateSite(SSOSite site) throws SSOException;

    /**
     * Adds a new site.
     *
     * @param siteName the name of the site
     * @param siteUrl  the URL of the site
     * @throws SSOException if the site cannot be added
     */
    void addSite(String siteName, String siteUrl) throws SSOException;

    /**
     * Removes a site.
     *
     * @param site the site to remove
     * @throws SSOException if the site cannot be removed
     */
    void removeSite(SSOSite site) throws SSOException;

    /**
     * Adds credentials for a user, identified by full path, on a site.
     *
     * @param fullPath   the full path of the user
     * @param remoteUser the user name on the remote site
     * @param site       the site the credentials belong to
     * @param pwd        the password on the remote site; passed as a
     *                   {@code String}, so keep it out of logs
     * @throws SSOException if the credentials cannot be added
     */
    void addCredentialsForSite(String fullPath, String remoteUser, String site, String pwd)
            throws SSOException;

    /**
     * Removes the credentials of a user, identified by full path, on a site.
     *
     * @param fullPath the full path of the user
     * @param site     the site the credentials belong to
     * @throws SSOException if the credentials cannot be removed
     */
    void removeCredentialsForSite(String fullPath, String site) throws SSOException;

    // ---- Site information ----

    /**
     * Returns the URL of a site.
     *
     * @param site identifies the site
     * @return the site URL
     */
    String getSiteURL(String site);

    /**
     * Returns the name of a site.
     *
     * @param site identifies the site
     * @return the site name
     */
    String getSiteName(String site);

    /**
     * Sets the realm of a site.
     *
     * @param site  identifies the site
     * @param realm the realm to set
     * @throws SSOException if the realm cannot be set
     */
    void setRealmForSite(String site, String realm) throws SSOException;

    /**
     * Returns the realm of a site.
     *
     * @param site identifies the site
     * @return the realm of the site
     * @throws SSOException if the realm cannot be read
     */
    String getRealmForSite(String site) throws SSOException;

    /**
     * Gets all SSO sites that the principal has access to.
     *
     * @param userId identifies the principal
     * @return the sites accessible to the principal; the element type is not
     *         specified by this interface
     */
    Collection getSitesForPrincipal(String userId);

    /**
     * Adds a new site that uses Challenge / Response authentication.
     *
     * @param siteName the name of the site
     * @param siteUrl  the URL of the site
     * @param realm    the realm of the site
     * @throws SSOException if the site cannot be added
     */
    void addSiteChallengeResponse(String siteName, String siteUrl, String realm)
            throws SSOException;

    /**
     * Adds a new site that uses form authentication.
     *
     * @param siteName  the name of the site
     * @param siteUrl   the URL of the site
     * @param realm     the realm of the site
     * @param userField the form field that carries the user name
     * @param pwdField  the form field that carries the password
     * @throws SSOException if the site cannot be added
     */
    void addSiteFormAuthenticated(String siteName, String siteUrl, String realm,
            String userField, String pwdField) throws SSOException;

}