package org.apache.archiva.redback.system;

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

import org.apache.archiva.redback.authentication.TokenManager;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authentication.AuthenticationDataSource;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserManager;

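/**
 * Single entry point to the security subsystem: it groups the authentication and authorization
 * checks and hands out the user, key, policy and token components.
 *
 * <p>Only the contract is declared here. How credentials are verified, how permissions are
 * evaluated and whether implementations are thread-safe is not visible from this interface.</p>
 *
 * @author Jesse McConnell
 */
public interface SecuritySystem
{

    // ----------------------------------------------------------------------------
    // Authentication
    // ----------------------------------------------------------------------------

    /**
     * Authenticates the principal described by {@code source} and returns a session for it.
     *
     * <p>NOTE(review): the signature does not say whether a rejected login is always reported
     * through an exception or can also come back as a non-authenticated session. Callers should
     * inspect the returned session before granting access instead of treating a normal return
     * as success; confirm against the implementation.</p>
     *
     * @param source the authentication data (credentials) to verify
     * @return the security session produced by the attempt
     * @throws AuthenticationException     declared for failures of the authentication process itself
     * @throws UserNotFoundException       declared for an unknown principal
     * @throws AccountLockedException      declared for a locked account
     * @throws MustChangePasswordException declared for an account that must change its password
     * @throws UserManagerException        declared for errors raised by the user manager
     */
    SecuritySession authenticate( AuthenticationDataSource source )
        throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException,
        UserManagerException;

    /**
     * Boolean form of the authentication check for {@code source}.
     *
     * <p>It declares the same exceptions as {@link #authenticate(AuthenticationDataSource)}, so
     * a caller must handle both a {@code false} result and an exception as "not authenticated";
     * an exception must never fall through to an allow path.</p>
     *
     * @param source the authentication data (credentials) to verify
     * @return {@code true} if the data authenticates
     * @throws AuthenticationException     declared for failures of the authentication process itself
     * @throws UserNotFoundException       declared for an unknown principal
     * @throws AccountLockedException      declared for a locked account
     * @throws MustChangePasswordException declared for an account that must change its password
     * @throws UserManagerException        declared for errors raised by the user manager
     */
    boolean isAuthenticated( AuthenticationDataSource source )
        throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException,
        UserManagerException;

    // ----------------------------------------------------------------------------
    // Authorization
    // ----------------------------------------------------------------------------

    /**
     * Evaluates {@code permission} for the given session and returns the detailed result.
     *
     * <p>No resource is passed to this overload; which resource scope the check applies to is
     * decided by the implementation (TODO confirm).</p>
     *
     * @param session    the session whose principal is checked
     * @param permission the permission name to evaluate
     * @return the authorization result
     * @throws AuthorizationException if the authorization check cannot be carried out
     */
    AuthorizationResult authorize( SecuritySession session, String permission )
        throws AuthorizationException;

    /**
     * Boolean form of {@link #authorize(SecuritySession, String)}.
     *
     * @param session    the session whose principal is checked
     * @param permission the permission name to evaluate
     * @return {@code true} if the permission is granted
     * @throws AuthorizationException if the authorization check cannot be carried out; callers
     *                                should treat this as a denial
     */
    boolean isAuthorized( SecuritySession session, String permission )
        throws AuthorizationException;

    /**
     * Returns the {@link AuthorizationResult} without changing authorization.
     *
     * @param session    the session whose principal is checked
     * @param permission the permission name to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return the authorization result
     * @throws AuthorizationException if the authorization check cannot be carried out
     */
    AuthorizationResult authorize( SecuritySession session, String permission, String resource )
        throws AuthorizationException;

    /**
     * Evaluates {@code permission} on {@code resource} for a user directly, without a session.
     *
     * <p>Because no {@link SecuritySession} is involved, nothing in this signature ties the
     * check to a completed authentication. The caller is responsible for where the
     * {@code User} object came from; it should not be built from unverified request data.</p>
     *
     * @since 2.3
     * @param user       the user to check
     * @param permission the permission name to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return the authorization result
     * @throws AuthorizationException if the authorization check cannot be carried out
     */
    AuthorizationResult authorize( User user, String permission, String resource )
        throws AuthorizationException;

    /**
     * Boolean form of {@link #authorize(SecuritySession, String, String)}.
     *
     * @param session    the session whose principal is checked
     * @param permission the permission name to evaluate
     * @param resource   the resource the permission is evaluated against
     * @return {@code true} if the permission is granted on the resource
     * @throws AuthorizationException if the authorization check cannot be carried out; callers
     *                                should treat this as a denial
     */
    boolean isAuthorized( SecuritySession session, String permission, String resource )
        throws AuthorizationException;

    // ----------------------------------------------------------------------------
    // User Management
    // ----------------------------------------------------------------------------

    /**
     * Returns the user manager used by this security system.
     *
     * @return the user manager
     */
    UserManager getUserManager();

    // ----------------------------------------------------------------------------
    // Key Management
    // ----------------------------------------------------------------------------

    /**
     * Returns the key manager used by this security system.
     *
     * <p>The returned component handles security-sensitive material, so code that receives it
     * should itself be trusted.</p>
     *
     * @return the key manager
     */
    KeyManager getKeyManager();

    // ----------------------------------------------------------------------------
    // Policy Management
    // ----------------------------------------------------------------------------

    /**
     * Returns the user security policy in effect.
     *
     * @return the user security policy
     */
    UserSecurityPolicy getPolicy();

    /**
     * Reports whether the user manager is read-only, i.e. whether user data cannot be modified
     * (some user managers cannot modify it, e.g. LDAP).
     *
     * <p>NOTE(review): the original comment was phrased as "is it possible to modify user
     * data", which reads with the opposite polarity to the method name. The description above
     * follows the name ({@code true} meaning read-only); confirm against the implementations.</p>
     *
     * @return {@code true} if user data cannot be modified through the user manager
     * @since 2.1
     */
    boolean userManagerReadOnly();

    /**
     * Returns the token manager implementation.
     *
     * @return the token manager
     * @since 2.2
     */
    TokenManager getTokenManager();
}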