• Home
• org.seedstack.seed
• seed-security-specs
• 2.3.0
• source code
• AuthenticationToken.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.seedstack.seed.security.AuthenticationToken Maven / Gradle / Ivy

/**
 * Copyright (c) 2013-2016, The SeedStack authors 
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */
package org.seedstack.seed.security;

import java.io.Serializable;

/**
 * An AuthenticationToken is a consolidation of an account's principals
 * and supporting credentials submitted by a user during an authentication
 * attempt.
 * 

 * Because applications represent user data and credentials in different ways,
 * implementations of this interface are application-specific. You are free to
 * acquire a user's principals and credentials however you wish (e.g. web form,
 * Swing form, fingerprint identification, etc) and then submit them to the
 * framework in the form of an implementation of this interface.
 * 

 * If your application's authentication process is username/password based (like
 * most), instead of implementing this interface yourself, take a look at the
 * {@link UsernamePasswordToken UsernamePasswordToken} class, as it is probably
 * sufficient for your needs.
 */
public interface AuthenticationToken extends Serializable {

	/**
	 * Returns the account identity submitted during the authentication process.
	 * 

	 * Most application authentications are username/password based and have
	 * this object represent a username. If this is the case for your
	 * application, take a look at the {@link UsernamePasswordToken
	 * UsernamePasswordToken}, as it is probably sufficient for your use.
	 * 

	 * Ultimately, the object returned is application specific and can represent
	 * any account identity.
	 * 
	 * @return the account identity submitted during the authentication process.
	 * @see UsernamePasswordToken
	 */
	Object getPrincipal();

	/**
	 * Returns the credentials submitted by the user during the authentication
	 * process that verifies the submitted {@link #getPrincipal() account
	 * identity}.
	 * 

	 * Most application authentications are username/password based and have
	 * this object represent a submitted password. If this is the case for your
	 * application, take a look at the {@link UsernamePasswordToken
	 * UsernamePasswordToken}, as it is probably sufficient for your use.
	 * 

	 * Ultimately, the credentials Object returned is application specific and
	 * can represent any credential mechanism.
	 * 
	 * @return the credential submitted by the user during the authentication
	 *         process.
	 */
	Object getCredentials();

}