All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.eclipse.jetty.server.UserIdentity Maven / Gradle / Ivy

There is a newer version: 1.0-rc5
Show newest version
// ========================================================================
// Copyright (c) 1996-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at 
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses. 
// ========================================================================

package org.eclipse.jetty.server;
import java.security.Principal;
import java.util.Map;

import javax.security.auth.Subject;

/* ------------------------------------------------------------ */
/** User object that encapsulates user identity and operations such as run-as-role actions, 
 * checking isUserInRole and getUserPrincipal.
 *
 * Implementations of UserIdentity should be immutable so that they may be
 * cached by Authenticators and LoginServices.
 *
 */
public interface UserIdentity
{
    /* ------------------------------------------------------------ */
    /**
     * @return The user subject
     */
    Subject getSubject();

    /* ------------------------------------------------------------ */
    /**
     * @return The user principal
     */
    Principal getUserPrincipal();

    /* ------------------------------------------------------------ */
    /** Check if the user is in a role.
     * This call is used to satisfy authorization calls from 
     * container code which will be using translated role names.
     * @param role A role name.
     * @param scope
     * @return True if the user can act in that role.
     */
    boolean isUserInRole(String role, Scope scope);
    

    /* ------------------------------------------------------------ */
    /**
     * A UserIdentity Scope.
     * A scope is the environment in which a User Identity is to 
     * be interpreted. Typically it is set by the target servlet of 
     * a request.
     */
    interface Scope
    {
        /* ------------------------------------------------------------ */
        /**
         * @return The context path that the identity is being considered within
         */
        String getContextPath();
        
        /* ------------------------------------------------------------ */
        /**
         * @return The name of the identity context. Typically this is the servlet name.
         */
        String getName();
        
        /* ------------------------------------------------------------ */
        /**
         * @return A map of role reference names that converts from names used by application code
         * to names used by the context deployment.
         */
        Map getRoleRefMap();
    }
    
    /* ------------------------------------------------------------ */
    public interface UnauthenticatedUserIdentity extends UserIdentity
    {
    }

    /* ------------------------------------------------------------ */
    public static final UserIdentity UNAUTHENTICATED_IDENTITY = new UnauthenticatedUserIdentity()
    {
        public Subject getSubject()
        {
            return null;
        }
        
        public Principal getUserPrincipal()
        {
            return null;
        }
        
        public boolean isUserInRole(String role, Scope scope)
        {
            return false;
        }
        
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy