001/* 002 * (C) Copyright 2006-2008 Nuxeo SAS (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Nuxeo - initial API and implementation 016 */ 017 018package org.nuxeo.ecm.platform.ui.web.auth.interfaces; 019 020import javax.servlet.ServletRequest; 021import javax.servlet.http.HttpSession; 022 023import org.nuxeo.ecm.platform.ui.web.auth.CachableUserIdentificationInfo; 024 025/** 026 * SessionManager interface for Authentication Filter. 027 * 028 * @author tiry 029 */ 030public interface NuxeoAuthenticationSessionManager { 031 032 /** 033 * Checks whether or not this request was made to perform login. This is tested by the authentication filter to 034 * decide if a switch user is needed. 035 */ 036 boolean needResetLogin(ServletRequest req); 037 038 /** 039 * Returns true if request does not require to be authenticated. 040 */ 041 boolean canBypassRequest(ServletRequest request); 042 043 /** 044 * CallBack to clean up web session associated resources. 045 */ 046 void onBeforeSessionInvalidate(ServletRequest request); 047 048 /** 049 * CallBack before SessionReinit. 050 */ 051 void onBeforeSessionReinit(ServletRequest request); 052 053 /** 054 * CallBack after SessionReinit. 055 */ 056 void onAfterSessionReinit(ServletRequest request); 057 058 /** 059 * CallBack for session creation 060 */ 061 void onAuthenticatedSessionCreated(ServletRequest request, HttpSession session, 062 CachableUserIdentificationInfo cachebleUserInfo); 063 064}