org.apache.catalina.TomcatPrincipal Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.catalina;
import java.security.Principal;
import java.util.Enumeration;
import org.ietf.jgss.GSSCredential;
/**
* Defines additional methods implemented by {@link Principal}s created by Tomcat's standard {@link Realm}
* implementations.
*/
public interface TomcatPrincipal extends Principal {
/**
* @return The authenticated Principal to be exposed to applications.
*/
Principal getUserPrincipal();
/**
* @return The user's delegated credentials.
*/
GSSCredential getGssCredential();
/**
* Calls logout, if necessary, on any associated JAASLoginContext and/or GSSContext. May in the future be extended
* to cover other logout requirements.
*
* @throws Exception If something goes wrong with the logout. Uses Exception to allow for future expansion of this
* method to cover other logout mechanisms that might throw a different exception to
* LoginContext
*/
void logout() throws Exception;
/**
* Returns the value of the named attribute as an Object, or null if no attribute of the
* given name exists, or if null has been specified as the attribute's name.
*
* Only the servlet container may set attributes to make available custom information about a Principal or the user
* it represents.
*
* The purpose of the method is to implement read only access to attributes which may be stored in the
* Realm implementation's backend due to its inherent design.
*
* As using this method from application code will make it non portable to other EE compliant containers, it is
* advised this should never be used as an object storage facility tied to the Principal, but rather as
* simple extra additional metadata. It is recommended that a container level object is used to further process the
* attributes that may be associated with the Principal.
*
* Realm implementations that are provided by Tomcat will not provide complex type mapping, but will in
* most cases always return a result as a String object which may need custom decoding.
*
* Realm implementations that are provided by Tomcat will not provide an implementation for this
* facility unless it is inherent to the storage backend of the Realm itself and metadata is available
* without additional user intervention or configuration.
*
* @param name a String specifying the name of the attribute
*
* @return an Object containing the value of the attribute, or null if the attribute does
* not exist, or if null has been specified as the attribute's name
*/
Object getAttribute(String name);
/**
* Returns an Enumeration containing the names of the attributes available to this Principal. This
* method returns an empty Enumeration if the Principal has no attributes available to it.
*
* @return an Enumeration of strings containing the names of the Principal's attributes
*/
Enumeration getAttributeNames();
}