io.undertow.security.idm.IdentityManager Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of wildfly-client-all

This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 33.0.2.Final

Show newest version

/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2014 Red Hat, Inc., and individual contributors
 * as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package io.undertow.security.idm;

/**
 * The IdentityManager interface to be implemented by an identity manager implementation providing user verification and
 * identity loading to Undertow.
 *
 * Note: The IdentityManager interface is very much work in progress, methods are added to cover use cases as identified and
 * then simplified as common cases are defined.
 *
 * @author Darran Lofthouse
 */
public interface IdentityManager {

    /**
     * Verify a previously authenticated account.
     *
     * Typical checks could be along the lines of verifying that the account is not now locked or that the password has not been
     * reset since last verified, also this provides an opportunity for roles to be re-loaded if membership information has
     * changed.
     *
     * @param account - The {@link Account} to verify.
     * @return An updates {@link Account} if verification is successful, null otherwise.
     */
    Account verify(final Account account);

    /**
     * Verify a supplied {@link Credential} against a requested ID.
     *
     * @param id - The requested ID for the account.
     * @param credential - The {@link Credential} to verify.
     * @return The {@link Account} for the user if verification was successful, null otherwise.
     */
    Account verify(final String id, final Credential credential);

    /**
     * Perform verification when all we have is the Credential, in this case the IdentityManager is also responsible for mapping the Credential to an account.
     *
     * The most common scenario for this would be mapping an X509Certificate to the user it is associated with.
     *
     * @param credential
     * @return
     */
    Account verify(final Credential credential);

}