• Home
• org.picketlink
• picketlink-api
• 2.5.4.SP10
• source code
• Authenticator.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.picketlink.authentication.Authenticator Maven / Gradle / Ivy

/*
 * JBoss, Home of Professional Open Source
 *
 * Copyright 2013 Red Hat, Inc. and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.picketlink.authentication;


import org.picketlink.idm.model.Account;

/**
 * 
An Authenticator implementation is responsible for managing the user authentication process. This is a key
 * concept of how authentication is performed by PicketLink.
 *
 * 
During the authentication (eg.: Identity.login()) the {@link org.picketlink.Identity} will try to select the
 * proper authenticator based on the following premises:
 *
 * 

 * 
If any class that implements this interface and annotated with {@link org.picketlink.annotations
 * .PicketLink} is provided, it will be used.
 * 
If any producer method or field annotated with {@link org.picketlink.annotations.PicketLink} that
 * references a implementation of this interface, it will be selected.
 * 
 *
 * 
Please, not that implementations must be annotated with {@link org.picketlink.annotations.PicketLink},
 * otherwise they will not be recognized and selected during the authentication process.
 *
 * 
If multiple implementations exists for the same application, only one should be annotated with
 * {@link org.picketlink.annotations.PicketLink}. If you want to use multiple authenticators and select them at
 * runtime based on a specific condition you can use a producer method annotated with this annotation.
 *
 * 
In order to get a successful authentication attempt, considering that the implementation has successfully
 * checked the provided credentials, implementations need to:
 *
 * 

 * 
Return a {@link AuthenticationStatus.SUCCESS} status.
 * 
Return an {@link Account} that maps to the owner of the provided credentials.
 * 
 *
 * 
The other status can be used in case of failure or if the authentication was deferred.
 *
 * 
It is recommended that implementations be requested scoped.
 *
 * @author Shane Bryzak
 */
public interface Authenticator {

    public enum AuthenticationStatus {
        SUCCESS,
        FAILURE,
        DEFERRED
    }

    /**
     * 
Performs the authentication.
     */
    void authenticate();

    /**
     * 
Post-authentication logic. This method is always invoked after an authentication attempt.
     */
    void postAuthenticate();

    /**
     * 
Returns the current status of the authentication attempt.
     *
     * @return
     */
    AuthenticationStatus getStatus();

    /**
     * 
Returns a {@link Account} if a successful authentication was made. Otherwise it should
     * return null.
     *
     * @return
     */
    Account getAccount();
}