1 package org.apache.archiva.security;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  *  http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import javax.servlet.http.HttpServletRequest;
23
24 import org.apache.archiva.redback.authentication.AuthenticationException;
25 import org.apache.archiva.redback.authentication.AuthenticationResult;
26 import org.apache.archiva.redback.authorization.AuthorizationException;
27 import org.apache.archiva.redback.authorization.UnauthorizedException;
28 import org.apache.archiva.redback.policy.AccountLockedException;
29 import org.apache.archiva.redback.policy.MustChangePasswordException;
30 import org.codehaus.plexus.redback.system.SecuritySession;
31
32 /**
33  * Declares an authentication check for servlet requests and two authorization checks: one for a request with a security session, one for a named principal (guest).
34  */
35 public interface ServletAuthenticator
36 {
37     /**
38      * Authentication check for users.
39      * NOTE(review): the outcome is reported both by the boolean and by the declared exceptions; which failures return false and which throw is not visible here - confirm against implementations.
40      * @param request the servlet request being checked
41      * @param result an authentication result supplied by the caller (presumably obtained earlier from the request's credentials - confirm)
42      * @return presumably true when the user is authenticated - confirm against implementations; callers should treat false as "not authenticated"
43      * @throws AuthenticationException declared by this method; presumably raised when authentication fails - confirm
44      * @throws AccountLockedException declared by this method; presumably raised when the account is locked - confirm
45      * @throws MustChangePasswordException declared by this method; presumably raised when a password change is required - confirm
46      */
47     boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result )
48         throws AuthenticationException, AccountLockedException, MustChangePasswordException;
49
50     /**
51      * Authorization check for valid users.
52      * NOTE(review): denial may surface either as a false return or as UnauthorizedException; callers should handle both - confirm against implementations.
53      * @param request the servlet request being checked
54      * @param securitySession the security session of the user (presumably already authenticated - confirm against callers)
55      * @param repositoryId identifier of the repository being accessed
56      * @param permission the permission to check on the repository (presumably a permission/operation name - confirm accepted values)
57      * @return presumably true when the permission is granted - confirm against implementations
58      * @throws AuthorizationException declared by this method; presumably raised when the authorization check itself fails - confirm
59      * @throws UnauthorizedException declared by this method; presumably raised when access is denied - confirm
60      */
61     boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId,
62         String permission ) throws AuthorizationException, UnauthorizedException;
63     
64     /**
65      * Authorization check specific for user guest, which doesn't go through
66      * HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
67      * since no credentials are attached to the request.
68      * NOTE(review): the principal is a plain string and no credentials are checked on this path; callers should pass only the configured guest principal, never a user name taken from the request - confirm against callers.
69      * See also MRM-911
70      * 
71      * @param principal name of the principal to check (the guest user, per the description above)
72      * @param repoId identifier of the repository being accessed
73      * @param permission the permission to check on the repository (presumably a permission/operation name - confirm accepted values)
74      * @return presumably true when the principal holds the permission - confirm against implementations
75      * @throws UnauthorizedException declared by this method; presumably raised when access is denied - confirm
76      */
77     boolean isAuthorized( String principal, String repoId, String permission )
78         throws UnauthorizedException;
79 }