001: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
002: *
003: * Licensed under the Apache License, Version 2.0 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at
006: *
007: * http://www.apache.org/licenses/LICENSE-2.0
008: *
009: * Unless required by applicable law or agreed to in writing, software
010: * distributed under the License is distributed on an "AS IS" BASIS,
011: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
012: * See the License for the specific language governing permissions and
013: * limitations under the License.
014: */
015:
016: package org.acegisecurity.userdetails;
017:
018: import org.acegisecurity.Authentication;
019: import org.acegisecurity.GrantedAuthority;
020:
021: import java.io.Serializable;
022:
023: /**
024: * Provides core user information.
025: *
026: * <p>
027: * Implementations are not used directly by Acegi Security for security
028: * purposes. They simply store user information which is later encapsulated
029: * into {@link Authentication} objects. This allows non-security related user
030: * information (such as email addresses, telephone numbers etc) to be stored
031: * in a convenient location.
032: * </p>
033: *
034: * <p>
035: * Concrete implementations must take particular care to ensure the non-null
036: * contract detailed for each method is enforced. See
037: * {@link org.acegisecurity.userdetails.User} for a
038: * reference implementation (which you might like to extend).
039: * </p>
040: *
041: * <p>
042: * Concrete implementations should be immutable (value object semantics,
043: * like a String). This is because the <code>UserDetails</code> will be
044: * stored in caches and as such multiple threads may use the same instance.
045: * </p>
046: *
047: * @author Ben Alex
048: * @version $Id: UserDetails.java 1784 2007-02-24 21:00:24Z luke_t $
049: */
050: public interface UserDetails extends Serializable {
051: //~ Methods ========================================================================================================
052:
053: /**
054: * Returns the authorities granted to the user. Cannot return <code>null</code>.
055: *
056: * @return the authorities (never <code>null</code>)
057: */
058: GrantedAuthority[] getAuthorities();
059:
060: /**
061: * Returns the password used to authenticate the user. Cannot return <code>null</code>.
062: *
063: * @return the password (never <code>null</code>)
064: */
065: String getPassword();
066:
067: /**
068: * Returns the username used to authenticate the user. Cannot return <code>null</code>.
069: *
070: * @return the username (never <code>null</code>)
071: */
072: String getUsername();
073:
074: /**
075: * Indicates whether the user's account has expired. An expired account cannot be authenticated.
076: *
077: * @return <code>true</code> if the user's account is valid (ie non-expired), <code>false</code> if no longer valid
078: * (ie expired)
079: */
080: boolean isAccountNonExpired();
081:
082: /**
083: * Indicates whether the user is locked or unlocked. A locked user cannot be authenticated.
084: *
085: * @return <code>true</code> if the user is not locked, <code>false</code> otherwise
086: */
087: boolean isAccountNonLocked();
088:
089: /**
090: * Indicates whether the user's credentials (password) has expired. Expired credentials prevent
091: * authentication.
092: *
093: * @return <code>true</code> if the user's credentials are valid (ie non-expired), <code>false</code> if no longer
094: * valid (ie expired)
095: */
096: boolean isCredentialsNonExpired();
097:
098: /**
099: * Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated.
100: *
101: * @return <code>true</code> if the user is enabled, <code>false</code> otherwise
102: */
103: boolean isEnabled();
104: }
|