01: /*
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: */
17: package org.apache.cocoon.auth;
18:
19: import java.util.Map;
20:
21: /**
22: * The Security Handler
23: * A security handler is the connection between the web application and the
24: * backend system managing the users.
25: * A handler offers two main methods: one for login and one for logout. The
26: * login method tries to authenticate the current user and returns a
27: * {@link User} object on success.
28: *
29: * A {@link SecurityHandler} must be implemented in a thread safe manner.
30: *
31: * @version $Id: SecurityHandler.java 433543 2006-08-22 06:22:54Z crossley $
32: */
33: public interface SecurityHandler {
34:
35: /**
36: * Try to authenticate the user.
37: * @param context The context for the login operation.
38: * @return The user if the authentication is successful, null otherwise.
39: * @throws Exception If something goes wrong.
40: */
41: User login(Map context) throws Exception;
42:
43: /**
44: * This notifies the security-handler that a user logs out.
45: * @param context The context for the login operation.
46: * @param user The user object.
47: */
48: void logout(Map context, User user);
49:
50: /**
51: * Return a unique identifier for this security handler.
52: * For session replication to work, a security handler must deliver
53: * the same identifier across systems!
54: * @return A unique identifier.
55: */
56: String getId();
57: }
|