1 // ======================================================================== 2 // Copyright 2000-2005 Mort Bay Consulting Pty. Ltd. 3 // ------------------------------------------------------------------------ 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // Unless required by applicable law or agreed to in writing, software 9 // distributed under the License is distributed on an "AS IS" BASIS, 10 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 // See the License for the specific language governing permissions and 12 // limitations under the License. 13 // ======================================================================== 14 15 package org.mortbay.jetty.security; 16 17 import java.security.Principal; 18 19 import org.mortbay.jetty.Request; 20 import org.mortbay.jetty.Response; 21 22 23 /* ------------------------------------------------------------ */ 24 /** Single Sign On Realm. 25 * This interface is a mix-in interface for the UserRealm interface. If an 26 * implementation of UserRealm also implements SSORealm, then single signon 27 * is supported for that realm. 28 29 * @see UserRealm 30 * @author Greg Wilkins (gregw) 31 */ 32 33 public interface SSORealm 34 { 35 /** Get SSO credentials. 36 * This call is used by an authenticator to check if a SSO exists for a request. 37 * If SSO authentiation is successful, the requests UserPrincipal and 38 * AuthUser fields are set. If available, the credential used to 39 * authenticate the user is returned. If recoverable credentials are not required then 40 * null may be return. 41 * @param request The request to SSO. 42 * @param response The response to SSO. 43 * @return A credential if available for SSO authenticated requests. 44 */ 45 public Credential getSingleSignOn(Request request,Response response); 46 47 /** Set SSO principal and credential. 48 * This call is used by an authenticator to inform the SSO mechanism that 49 * a user has signed on. The SSO mechanism should record the principal 50 * and credential and update the response with any cookies etc. required. 51 * @param request The authenticated request. 52 * @param response The authenticated response/ 53 * @param principal The principal that has been authenticated. 54 * @param credential The credentials used to authenticate. 55 */ 56 57 public void setSingleSignOn(Request request, 58 Response response, 59 Principal principal, 60 Credential credential); 61 62 /** Clear SSO for user. 63 * @param username The user to clear. 64 */ 65 public void clearSingleSignOn(String username); 66 }