1 // 2 // ======================================================================== 3 // Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd. 4 // ------------------------------------------------------------------------ 5 // All rights reserved. This program and the accompanying materials 6 // are made available under the terms of the Eclipse Public License v1.0 7 // and Apache License v2.0 which accompanies this distribution. 8 // 9 // The Eclipse Public License is available at 10 // http://www.eclipse.org/legal/epl-v10.html 11 // 12 // The Apache License v2.0 is available at 13 // http://www.opensource.org/licenses/apache2.0.php 14 // 15 // You may elect to redistribute this code under either of these licenses. 16 // ======================================================================== 17 // 18 19 package org.eclipse.jetty.security; 20 21 import javax.servlet.ServletRequest; 22 23 import org.eclipse.jetty.server.UserIdentity; 24 25 26 /* ------------------------------------------------------------ */ 27 /** 28 * Login Service Interface. 29 * <p> 30 * The Login service provides an abstract mechanism for an {@link Authenticator} 31 * to check credentials and to create a {@link UserIdentity} using the 32 * set {@link IdentityService}. 33 */ 34 public interface LoginService 35 { 36 37 /* ------------------------------------------------------------ */ 38 /** 39 * @return Get the name of the login service (aka Realm name) 40 */ 41 String getName(); 42 43 /* ------------------------------------------------------------ */ 44 /** Login a user. 45 * @param username The user name 46 * @param credentials The users credentials 47 * @param request TODO 48 * @return A UserIdentity if the credentials matched, otherwise null 49 */ 50 UserIdentity login(String username,Object credentials, ServletRequest request); 51 52 /* ------------------------------------------------------------ */ 53 /** Validate a user identity. 54 * Validate that a UserIdentity previously created by a call 55 * to {@link #login(String, Object, ServletRequest)} is still valid. 56 * @param user The user to validate 57 * @return true if authentication has not been revoked for the user. 58 */ 59 boolean validate(UserIdentity user); 60 61 /* ------------------------------------------------------------ */ 62 /** Get the IdentityService associated with this Login Service. 63 * @return the IdentityService associated with this Login Service. 64 */ 65 IdentityService getIdentityService(); 66 67 /* ------------------------------------------------------------ */ 68 /** Set the IdentityService associated with this Login Service. 69 * @param service the IdentityService associated with this Login Service. 70 */ 71 void setIdentityService(IdentityService service); 72 73 void logout(UserIdentity user); 74 75 }