
1   // ========================================================================
2   // Copyright (c) 1996-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  package org.eclipse.jetty.server;
15  import java.security.Principal;
16  import java.util.Map;
17  
18  import javax.security.auth.Subject;
19  
20  /* ------------------------------------------------------------ */
21  /** User object that encapsulates user identity and operations such as run-as-role actions, 
22   * checking isUserInRole and getUserPrincipal.
23   *
24   * Implementations of UserIdentity should be immutable so that they may be
25   * cached by Authenticators and LoginServices.
26   *
27   */
public interface UserIdentity {

    /**
     * Returns the subject associated with this user.
     *
     * @return The user subject. {@link #UNAUTHENTICATED_IDENTITY} returns {@code null},
     *         so callers must not dereference the result without a check.
     */
    Subject getSubject();

    /**
     * Returns the principal that names this user.
     *
     * @return The user principal. {@link #UNAUTHENTICATED_IDENTITY} returns {@code null},
     *         so callers must not dereference the result without a check.
     */
    Principal getUserPrincipal();

    /**
     * Checks whether the user is in a role.
     * This call is used to satisfy authorization calls from container code,
     * which will be using translated role names.
     *
     * @param role A role name.
     * @param scope The environment in which the identity (and therefore the role name)
     *              is to be interpreted; see {@link Scope}.
     * @return True if the user can act in that role.
     */
    boolean isUserInRole(String role, Scope scope);

    /**
     * A UserIdentity Scope.
     * A scope is the environment in which a User Identity is to be interpreted.
     * Typically it is set by the target servlet of a request.
     */
    interface Scope {

        /**
         * @return The context path that the identity is being considered within
         */
        String getContextPath();

        /**
         * @return The name of the identity context. Typically this is the servlet name.
         */
        String getName();

        /**
         * @return A map of role reference names that converts from names used by
         *         application code to names used by the context deployment.
         */
        Map<String, String> getRoleRefMap();
    }

    /**
     * Sub-interface that declares no members of its own; the only implementation
     * visible in this file is {@link #UNAUTHENTICATED_IDENTITY}.
     * NOTE(review): presumably a marker that lets callers detect the "nobody is
     * logged in" identity with {@code instanceof} - confirm against the callers.
     */
    interface UnauthenticatedUserIdentity extends UserIdentity {
    }

    /**
     * Shared identity that stands for "no authenticated user".
     * It has no subject and no principal and is denied every role, so an
     * authorization check made against it fails closed.
     *
     * Because this constant is itself a non-null {@code UserIdentity}, a non-null
     * identity is not proof of authentication: code that needs that guarantee has
     * to test for {@link UnauthenticatedUserIdentity} or for a null principal.
     */
    UserIdentity UNAUTHENTICATED_IDENTITY = new UnauthenticatedUserIdentity() {

        /** There is no subject for an unauthenticated user. */
        @Override
        public Subject getSubject() {
            return null;
        }

        /** There is no principal for an unauthenticated user. */
        @Override
        public Principal getUserPrincipal() {
            return null;
        }

        /** Denies every role; both arguments are ignored. */
        @Override
        public boolean isUserInRole(String role, Scope scope) {
            return false;
        }

        /** Fixed label, so logs do not show an anonymous-class name. */
        @Override
        public String toString() {
            return "UNAUTHENTICATED";
        }
    };
}