View Javadoc

1   // ========================================================================
2   // Copyright 2000-2005 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // Licensed under the Apache License, Version 2.0 (the "License");
5   // you may not use this file except in compliance with the License.
6   // You may obtain a copy of the License at 
7   // http://www.apache.org/licenses/LICENSE-2.0
8   // Unless required by applicable law or agreed to in writing, software
9   // distributed under the License is distributed on an "AS IS" BASIS,
10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  // See the License for the specific language governing permissions and
12  // limitations under the License.
13  // ========================================================================
14  
15  package org.mortbay.jetty.security;
16  
17  import java.security.Principal;
18  
19  import org.mortbay.jetty.Request;
20  import org.mortbay.jetty.Response;
21  
22  
23  /* ------------------------------------------------------------ */
24  /** Single Sign On Realm.
25   * This interface is a mix-in interface for the UserRealm interface. If an
26   * implementation of UserRealm also implements SSORealm, then single signon
27   * is supported for that realm.
28   
29   * @see UserRealm
30   * @author Greg Wilkins (gregw)
31   */
32  
33  public interface SSORealm
34  {
35      /** Get SSO credentials.
36       * This call is used by an authenticator to check if a SSO exists for a request.
37       * If SSO authentiation is successful, the requests UserPrincipal and
38       * AuthUser fields are set.  If available, the credential used to
39       * authenticate the user is returned. If recoverable credentials are not required then
40       * null may be return.
41       * @param request The request to SSO.
42       * @param response The response to SSO.
43       * @return A credential if available for SSO authenticated requests.
44       */
45      public Credential getSingleSignOn(Request request,Response response);
46      
47      /** Set SSO principal and credential.
48       * This call is used by an authenticator to inform the SSO mechanism that
49       * a user has signed on. The SSO mechanism should record the principal
50       * and credential and update the response with any cookies etc. required. 
51       * @param request The authenticated request.
52       * @param response The authenticated response/
53       * @param principal The principal that has been authenticated.
54       * @param credential The credentials used to authenticate.
55       */
56      
57      public void setSingleSignOn(Request request,
58                                  Response response,
59                                  Principal principal,
60                                  Credential credential);
61      
62      /** Clear SSO for user.
63       * @param username The user to clear.
64       */
65      public void clearSingleSignOn(String username);
66  }