• Home
• com.eclipsesource.jaxrs
• provider-security
• 2.0-SR1
• source code
• AuthenticationHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.eclipsesource.jaxrs.provider.security.AuthenticationHandler Maven / Gradle / Ivy

/*******************************************************************************
 * Copyright (c) 2013 Bryan Hunt and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *    Bryan Hunt - initial API and implementation
 *    Holger Staudacher - API finalization
 ******************************************************************************/
package com.eclipsesource.jaxrs.provider.security;


import java.security.Principal;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.SecurityContext;

/**
 * 

 * The {@link AuthenticationHandler} is part of the security provider and needs to be registered as an OSGi servide. 
 * Client may implement this interface to perform user authentication and to define an authentication scheme. 
 * These values will be used later on in a {@link SecurityContext} that is used by the framework to verify 
 * authentication.
 * 
 * 

 * An {@link AuthenticationHandler} may be used together with an {@link AuthorizationHandler}.
 * 
 * 
 * @see SecurityContext
 * @see AuthorizationHandler
 */
public interface AuthenticationHandler {

  /**
   * 

   * Authenticates the user initiating the request. Implementations must return null if the
   * user could not be authenticated.
   * 
   * 
   * @param requestContext the request context supplied by the underlying JAX-RS implementation.
   * @return a principal representing the authenticated user initiating the request or {@code null} if
   *         the user could not be authenticated.
   */
  Principal authenticate( ContainerRequestContext requestContext );

  /**
   * @return the authentication scheme. Must be one of {@link SecurityContext.BASIC_AUTH},
   *         {@link SecurityContext.CLIENT_CERT_AUTH,} {@link SecurityContext.DIGEST_AUTH},
   *         {@link SecurityContext.FORM_AUTH} or {@code null}.
   *         
   * @see SecurityContext
   */
  String getAuthenticationScheme();
}