This project has retired. For details please refer to its Attic page.
SecuritySystem xref
View Javadoc

1   package org.apache.archiva.redback.system;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   * http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.archiva.redback.policy.AccountLockedException;
23  import org.apache.archiva.redback.policy.MustChangePasswordException;
24  import org.apache.archiva.redback.policy.UserSecurityPolicy;
25  import org.apache.archiva.redback.users.UserManagerException;
26  import org.apache.archiva.redback.users.UserNotFoundException;
27  import org.apache.archiva.redback.authentication.AuthenticationDataSource;
28  import org.apache.archiva.redback.authentication.AuthenticationException;
29  import org.apache.archiva.redback.authorization.AuthorizationException;
30  import org.apache.archiva.redback.authorization.AuthorizationResult;
31  import org.apache.archiva.redback.keys.KeyManager;
32  import org.apache.archiva.redback.users.UserManager;
33  
34  /**
35   * SecuritySystem:
36   *
37   * @author: Jesse McConnell <jesse@codehaus.org>
38   */
39  public interface SecuritySystem
40  {
41  
42      // ----------------------------------------------------------------------------
43      // Authentication
44      // ----------------------------------------------------------------------------
45  
46      SecuritySession authenticate( AuthenticationDataSource source )
47          throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException,
48          UserManagerException;
49  
50      boolean isAuthenticated( AuthenticationDataSource source )
51          throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException,
52          UserManagerException;
53  
54      // ----------------------------------------------------------------------------
55      // Authorization
56      // ----------------------------------------------------------------------------
57  
58      AuthorizationResult authorize( SecuritySession session, String permission )
59          throws AuthorizationException;
60  
61      boolean isAuthorized( SecuritySession session, String permission )
62          throws AuthorizationException;
63  
64      /**
65       * return AuthorizationResult without changing authorization
66       *
67       * @param session
68       * @param permission
69       * @param resource
70       * @return
71       * @throws AuthorizationException
72       */
73      AuthorizationResult authorize( SecuritySession session, String permission, String resource )
74          throws AuthorizationException;
75  
76      boolean isAuthorized( SecuritySession session, String permission, String resource )
77          throws AuthorizationException;
78  
79      // ----------------------------------------------------------------------------
80      // User Management
81      // ----------------------------------------------------------------------------
82  
83      UserManager getUserManager();
84  
85      // ----------------------------------------------------------------------------
86      // Key Management
87      // ----------------------------------------------------------------------------
88  
89      KeyManager getKeyManager();
90  
91      // ----------------------------------------------------------------------------
92      // Policy Management
93      // ----------------------------------------------------------------------------
94  
95      UserSecurityPolicy getPolicy();
96  
97      /**
98       * @return is it possible to modify user datas (some userManager cannot i.e ldap)
99       * @since 2.1
100      */
101     boolean userManagerReadOnly();
102 }
103