1 /** 2007, Digitalis Informatica. All rights reserved. 2 * 3 * Distribuicao e Gestao de Informatica, Lda. 4 * Estrada de Paco de Arcos num.9 - Piso -1 5 * 2780-666 Paco de Arcos 6 * Telefone: (351) 21 4408990 7 * Fax: (351) 21 4408999 8 * http://www.digitalis.pt 9 */ 10 11 package pt.digitalis.dif.controller.security.managers; 12 13 import pt.digitalis.dif.controller.security.objects.IDIFUser; 14 import pt.digitalis.dif.exception.security.AuthenticationManagerException; 15 16 /** 17 * Defines the behavior for an authentication manager. 18 * 19 * @author Pedro Viegas <a href="mailto:pviegas@digitalis.pt">pviegas@digitalis.pt</a><br/> 20 * @author Rodrigo Gonçalves <a href="mailto:rgoncalves@digitalis.pt">rgoncalves@digitalis.pt</a><br/> 21 * @created 2007/12/03 22 */ 23 public interface IAuthenticationManager { 24 25 /** 26 * Checks if a given user is already authenticated on the Authentication Module. 27 * 28 * TODO: When integrating External Authentication/Authorization/Identity servers like LDAP, Kerberos and others this 29 * may change a bit. See these APIs for good candidates for implementing these needs: 30 * 31 * http://www.ja-sig.org/products/cas/index.html 32 * 33 * http://www.acegisecurity.org/ 34 * 35 * @param clientIdentifier 36 * the Id that identifies the specific client. Depends on the Channel used to communicate 37 * @return T if a session with this ID is present and active. 38 */ 39 public boolean isClientLogged(String clientIdentifier); 40 41 /** 42 * Performs the log in of a user with a given id on the framework. 43 * 44 * @param clientIdentifier 45 * the Id that identifies the specific client. Depends on the Channel used to communicate 46 * @param userID 47 * the id of the user to log in 48 * @param password 49 * the password for the user 50 * @return the updated session object 51 * @throws AuthenticationManagerException 52 * if the resources needed for authentication can't be accessed 53 */ 54 public IDIFUser logIn(String clientIdentifier, String userID, String password) 55 throws AuthenticationManagerException; 56 57 /** 58 * Performs the log out of a user with a given id on the framework. 59 * 60 * @param clientIdentifier 61 * the Id that identifies the specific client. Depends on the Channel used to communicate 62 */ 63 public void logOut(String clientIdentifier); 64 65 /** 66 * Called to notify the authentication system that the client has disconnected. Each implementation will decide what 67 * to do in this case. Either do nothing and keep the user connected (if the authentication repository is shared by 68 * external systems), of logout the user from the authentication system (if it is a DIF specific authentication 69 * system). 70 * 71 * @param clientIdentifier 72 * the Id that identifies the specific client. Depends on the Channel used to communicate 73 */ 74 public void disconnectClient(String clientIdentifier); 75 76 /** 77 * Searches for the user authenticated for this client in the authentication system and returns it if present. 78 * 79 * @param clientIdentifier 80 * the Id that identifies the specific client. Depends on the Channel used to communicate 81 * @return the authenticated user record 82 * @throws AuthenticationManagerException 83 * if the resources needed for authentication can't be accessed 84 */ 85 public IDIFUser getLoggedUser(String clientIdentifier) throws AuthenticationManagerException; 86 }