All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.opencms.security.I_CmsAuthorizationHandler Maven / Gradle / Ivy

Go to download

OpenCms is an enterprise-ready, easy to use website content management system based on Java and XML technology. Offering a complete set of features, OpenCms helps content managers worldwide to create and maintain beautiful websites fast and efficiently.

There is a newer version: 18.0
Show newest version
/*
 * This library is part of OpenCms -
 * the Open Source Content Management System
 *
 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * For further information about Alkacon Software GmbH & Co. KG, please see the
 * company website: http://www.alkacon.com
 *
 * For further information about OpenCms, please see the
 * project website: http://www.opencms.org
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package org.opencms.security;

import org.opencms.file.CmsObject;
import org.opencms.main.CmsException;

import java.io.IOException;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Defines general authorization methods.

* * One of the application scenarios for this interface is a personalized SSO implementation.

* * @since 6.5.4 */ public interface I_CmsAuthorizationHandler { /** * Class providing the privileged login action.

*/ interface I_PrivilegedLoginAction { /** * Used to provide an initial cms object.

* * @param cms an initial cms object */ void setCmsObject(CmsObject cms); /** * Returns the cms object.

* * @return the cms object */ CmsObject getCmsObject(); /** * Performs a privileged login action and returns a cms object initialized for the principal.

* * @param request the current request * @param principal the principal to login * * @return a cms object initialized for the principal * @throws CmsException if the login action fails */ CmsObject doLogin(HttpServletRequest request, String principal) throws CmsException; } /** * Returns the full URL used to call a login form with additional parameters and a callbackURL.

* * @param loginFormURL the form URL specified in the cms (either as a property or system-wide) * @param params additional parameters to provide to the login form * @param callbackURL the call-back URL to redirect after a successful login * * @return the full URL used to call a login form */ String getLoginFormURL(String loginFormURL, String params, String callbackURL); /** * Creates a new cms object from the given request object.

* * This method is called by OpenCms every time a resource is requested * and the session can not automatically be authenticated.

* * @param request the HTTP request to authenticate * * @return the cms context object associated to the current session */ CmsObject initCmsObject(HttpServletRequest request); /** * Creates a new cms object from the given request object.

* * This method is called by OpenCms every time a resource is requested * and the session can not automatically be authenticated.

* * @param request the HTTP request to authenticate * @param loginAction the privileged login action * * @return the cms context object associated to the current session */ CmsObject initCmsObject(HttpServletRequest request, I_PrivilegedLoginAction loginAction); /** * Authenticates the current request with additional user information.

* * You have to call this method by your own.

* * @param request the HTTP request to authenticate * @param userName the user name to authenticate * @param pwd the user password to authenticate with * * @return the cms context object associated to the given user * * @throws CmsException if something goes wrong */ CmsObject initCmsObject(HttpServletRequest request, String userName, String pwd) throws CmsException; /** * This method sends a request to the client to display a login form, * it is needed for HTTP-Authentication.

* * @param req the client request * @param res the response * @param loginFormURL the full URL used for form based authentication * * @throws IOException if something goes wrong */ void requestAuthorization(HttpServletRequest req, HttpServletResponse res, String loginFormURL) throws IOException; /** * Sets parameters which can be configured additionally for an authorization handler.

* * @param parameters the map of parameters */ void setParameters(Map parameters); }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy