package org.apache.archiva.redback.system;

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

import org.apache.archiva.redback.authentication.TokenManager;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authentication.AuthenticationDataSource;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserManager;

/**
 * Single entry point that groups the authentication and authorization calls with accessors for
 * the user manager, key manager, token manager and security policy.
 *
 * @author Jesse McConnell
 */
public interface SecuritySystem
{

    // ----------------------------------------------------------------------------
    // Authentication
    // ----------------------------------------------------------------------------

    /**
     * Runs an authentication attempt for the data in {@code source} and returns a session.
     * <p>
     * NOTE(review): this interface does not show whether a session is also returned for a
     * rejected attempt. Until confirmed against the implementation, callers should check the
     * authenticated state of the returned session instead of treating a non-null return as
     * a successful login.
     *
     * @param source the authentication data to evaluate
     * @return the session produced by this attempt
     * @throws AuthenticationException     declared for failures of the authentication step
     * @throws UserNotFoundException       declared for an unknown user
     * @throws AccountLockedException      declared for a locked account; handle separately from a
     *                                     plain credential failure
     * @throws MustChangePasswordException declared for an account that has to change its password
     * @throws UserManagerException        declared for user manager failures
     */
    SecuritySession authenticate( AuthenticationDataSource source )
        throws AuthenticationException, UserNotFoundException, AccountLockedException,
        MustChangePasswordException, UserManagerException;

    /**
     * Boolean form of the authentication check; no {@link SecuritySession} is handed back.
     *
     * @param source the authentication data to evaluate
     * @return the outcome of the check as a boolean
     * @throws AuthenticationException     declared for failures of the authentication step
     * @throws UserNotFoundException       declared for an unknown user
     * @throws AccountLockedException      declared for a locked account
     * @throws MustChangePasswordException declared for an account that has to change its password
     * @throws UserManagerException        declared for user manager failures
     */
    boolean isAuthenticated( AuthenticationDataSource source )
        throws AuthenticationException, UserNotFoundException, AccountLockedException,
        MustChangePasswordException, UserManagerException;

    // ----------------------------------------------------------------------------
    // Authorization
    // ----------------------------------------------------------------------------

    /**
     * Evaluates {@code permission} for {@code session}, with no resource argument.
     *
     * @param session    the session whose rights are evaluated
     * @param permission the permission to evaluate
     * @return the detailed authorization result
     * @throws AuthorizationException declared for failures of the authorization step
     */
    AuthorizationResult authorize( SecuritySession session, String permission )
        throws AuthorizationException;

    /**
     * Boolean form of {@link #authorize(SecuritySession, String)}.
     *
     * @param session    the session whose rights are evaluated
     * @param permission the permission to evaluate
     * @return the outcome of the check as a boolean
     * @throws AuthorizationException declared for failures of the authorization step
     */
    boolean isAuthorized( SecuritySession session, String permission )
        throws AuthorizationException;

    /**
     * Returns the {@link AuthorizationResult} for {@code permission} on {@code resource} without
     * changing authorization.
     *
     * @param session    the session whose rights are evaluated
     * @param permission the permission to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return the detailed authorization result
     * @throws AuthorizationException declared for failures of the authorization step
     */
    AuthorizationResult authorize( SecuritySession session, String permission, String resource )
        throws AuthorizationException;

    /**
     * Evaluates {@code permission} on {@code resource} for a {@link User} instead of a session.
     * <p>
     * NOTE(review): the signature carries no {@link SecuritySession}, so nothing visible here
     * ties the decision to a completed authentication. Confirm that callers only pass a user
     * whose identity has already been established.
     *
     * @param user       the user whose rights are evaluated
     * @param permission the permission to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return the detailed authorization result
     * @throws AuthorizationException declared for failures of the authorization step
     * @since 2.3
     */
    AuthorizationResult authorize( User user, String permission, String resource )
        throws AuthorizationException;

    /**
     * Boolean form of {@link #authorize(SecuritySession, String, String)}.
     *
     * @param session    the session whose rights are evaluated
     * @param permission the permission to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return the outcome of the check as a boolean
     * @throws AuthorizationException declared for failures of the authorization step
     */
    boolean isAuthorized( SecuritySession session, String permission, String resource )
        throws AuthorizationException;

    // ----------------------------------------------------------------------------
    // User Management
    // ----------------------------------------------------------------------------

    /**
     * @return the user manager of this security system
     */
    UserManager getUserManager();

    // ----------------------------------------------------------------------------
    // Key Management
    // ----------------------------------------------------------------------------

    /**
     * @return the key manager of this security system
     */
    KeyManager getKeyManager();

    // ----------------------------------------------------------------------------
    // Policy Management
    // ----------------------------------------------------------------------------

    /**
     * @return the user security policy of this security system
     */
    UserSecurityPolicy getPolicy();

    /**
     * Reports whether user data can be modified; some user managers cannot, e.g. LDAP.
     * <p>
     * NOTE(review): the method name suggests that {@code true} means read-only, while the
     * earlier wording of this comment described the value as "is it possible to modify".
     * Confirm the polarity against the implementation before gating write operations on it.
     *
     * @return presumably {@code true} when the user manager is read-only (see note above)
     * @since 2.1
     */
    boolean userManagerReadOnly();

    /**
     * Returns the token manager implementation.
     *
     * @return the token manager of this security system
     * @since 2.2
     */
    TokenManager getTokenManager();
}