Source Code Cross Referenced for CasAuthoritiesPopulator.java in  » Security » acegi-security » org » acegisecurity » providers » cas » Java Source Code / Java DocumentationJava Source Code and Java Documentation

01:        /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02:         *
03:         * Licensed under the Apache License, Version 2.0 (the "License");
04:         * you may not use this file except in compliance with the License.
05:         * You may obtain a copy of the License at
06:         *
07:         *     http://www.apache.org/licenses/LICENSE-2.0
08:         *
09:         * Unless required by applicable law or agreed to in writing, software
10:         * distributed under the License is distributed on an "AS IS" BASIS,
11:         * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12:         * See the License for the specific language governing permissions and
13:         * limitations under the License.
14:         */
15:
16:        package org.acegisecurity.providers.cas;
17:
18:        import org.acegisecurity.AuthenticationException;
19:
20:        import org.acegisecurity.userdetails.UserDetails;
21:
22:        /**
23:         * Populates the <code>UserDetails</code> associated with a CAS authenticated
24:         * user.
25:         *
26:         * <p>
27:         * CAS does not provide the authorities (roles) granted to a user. It merely
28:         * authenticates their identity. As the Acegi Security System for Spring needs
29:         * to know the authorities granted to a user in order to construct a valid
30:         * <code>Authentication</code> object, implementations of this interface will
31:         * provide this information.
32:         * </p>
33:         *
34:         * <p>
35:         * A {@link UserDetails} is returned by implementations. The
36:         * <code>UserDetails</code> must, at minimum, contain the username and
37:         * <code>GrantedAuthority[]</code> objects applicable to the CAS-authenticated
38:         * user. Note that Acegi Security ignores the password and enabled/disabled
39:         * status of the <code>UserDetails</code> because this is
40:         * authentication-related and should have been enforced by the CAS server. The
41:         * <code>UserDetails</code> returned by implementations is stored in the
42:         * generated <code>CasAuthenticationToken</code>, so additional properties
43:         * such as email addresses, telephone numbers etc can easily be stored.
44:         * </p>
45:         *
46:         * <p>
47:         * Implementations should not perform any caching. They will only be called
48:         * when a refresh is required.
49:         * </p>
50:         *
51:         * @author Ben Alex
52:         * @version $Id: CasAuthoritiesPopulator.java 1784 2007-02-24 21:00:24Z luke_t $
53:         */
54:        public interface CasAuthoritiesPopulator {
55:            //~ Methods ========================================================================================================
56:
57:            /**
58:             * Obtains the granted authorities for the specified user.<P>May throw any
59:             * <code>AuthenticationException</code> or return <code>null</code> if the authorities are unavailable.</p>
60:             *
61:             * @param casUserId as obtained from the CAS validation service
62:             *
63:             * @return the details of the indicated user (at minimum the granted authorities and the username)
64:             *
65:             * @throws AuthenticationException DOCUMENT ME!
66:             */
67:            UserDetails getUserDetails(String casUserId)
68:                    throws AuthenticationException;
69:        }