org.acegisecurity.concurrent.ConcurrentSessionController Maven / Gradle / Ivy
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.concurrent;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
/**
* Provides two methods that can be called by an {@link
* org.acegisecurity.AuthenticationManager} to integrate with the
* concurrent session handling infrastructure.
*
* @author Ben Alex
* @version $Id: ConcurrentSessionController.java,v 1.2 2005/11/17 00:55:56 benalex Exp $
*/
public interface ConcurrentSessionController {
//~ Methods ================================================================
/**
* Called by any class that wishes to know whether the current
* authentication request should be permitted. Generally callers will be
* AuthenticationManager
s before they authenticate, but could
* equally include Filter
s or other interceptors that wish to
* confirm the ongoing validity of a previously authenticated
* Authentication
.
*
*
* The implementation should throw a suitable exception if the user has
* exceeded their maximum allowed concurrent sessions.
*
*
* @param request the authentication request (never null
)
*
* @throws AuthenticationException if the user has exceeded their maximum
* allowed current sessions
*/
public void checkAuthenticationAllowed(Authentication request)
throws AuthenticationException;
/**
* Called by an AuthenticationManager
when the authentication
* was successful. An implementation is expected to register the
* authenticated user in some sort of registry, for future concurrent
* tracking via the {@link #checkConcurrentAuthentication(Authentication)}
* method.
*
* @param authentication the successfully authenticated user (never
* null
)
*/
public void registerSuccessfulAuthentication(Authentication authentication);
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy