001/* 
002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the Eclipse Public License v1.0
006 * which accompanies this distribution, and is available at
007 * http://www.eclipse.org/legal/epl-v10.html
008 *
009 * Contributors:
010 *     bstefanescu
011 */
012package org.nuxeo.ecm.webengine.jaxrs.login;
013
014import java.util.Map;
015
016import javax.security.auth.login.LoginContext;
017import javax.security.auth.login.LoginException;
018import javax.servlet.http.HttpServletRequest;
019import javax.servlet.http.HttpServletResponse;
020
021/**
022 * Initiate an authentication for the given HTTP request. Implementations are responsible to detect whether the request
023 * contains any known authentication data and perform the authentication if needed.
024 *
025 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a>
026 */
027public interface AuthenticationHandler {
028
029    /**
030     * Initialize this handler given a property map.
031     *
032     * @param properties
033     */
034    void init(Map<String, String> properties);
035
036    /**
037     * Handle the authentication if the request contains any known authentication data. If authentication was done
038     * returns the resulting LoginContext otherwise returns null. If authentication failed throws {@link LoginException}
039     * and the implementation <b>must</b> finish the request by correctly responding to the client or redirecting to
040     * another page - through the given response object.
041     *
042     * @param request the http request
043     * @param response the http response
044     * @return the loginc context if successful, or null if login was not handled.
045     * @throws LoginException if authentication failed.
046     */
047    LoginContext handleAuthentication(HttpServletRequest request, HttpServletResponse response) throws LoginException;
048
049}