org.acegisecurity.providers.cas.CasAuthoritiesPopulator Maven / Gradle / Ivy
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.providers.cas;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.userdetails.UserDetails;
/**
* Populates the UserDetails
associated with a CAS authenticated
* user.
*
*
* CAS does not provide the authorities (roles) granted to a user. It merely
* authenticates their identity. As the Acegi Security System for Spring needs
* to know the authorities granted to a user in order to construct a valid
* Authentication
object, implementations of this interface will
* provide this information.
*
*
*
* A {@link UserDetails} is returned by implementations. The
* UserDetails
must, at minimum, contain the username and
* GrantedAuthority[]
objects applicable to the CAS-authenticated
* user. Note that Acegi Security ignores the password and enabled/disabled
* status of the UserDetails
because this is
* authentication-related and should have been enforced by the CAS server. The
* UserDetails
returned by implementations is stored in the
* generated CasAuthenticationToken
, so additional properties
* such as email addresses, telephone numbers etc can easily be stored.
*
*
*
* Implementations should not perform any caching. They will only be called
* when a refresh is required.
*
*
* @author Ben Alex
* @version $Id: CasAuthoritiesPopulator.java 1784 2007-02-24 21:00:24Z luke_t $
*/
public interface CasAuthoritiesPopulator {
//~ Methods ========================================================================================================
/**
* Obtains the granted authorities for the specified user.May throw any
* AuthenticationException
or return null
if the authorities are unavailable.
*
* @param casUserId as obtained from the CAS validation service
*
* @return the details of the indicated user (at minimum the granted authorities and the username)
*
* @throws AuthenticationException DOCUMENT ME!
*/
UserDetails getUserDetails(String casUserId)
throws AuthenticationException;
}