001/* 002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the Eclipse Public License v1.0 006 * which accompanies this distribution, and is available at 007 * http://www.eclipse.org/legal/epl-v10.html 008 * 009 * Contributors: 010 * bstefanescu 011 */ 012package org.nuxeo.ecm.webengine.jaxrs.login; 013 014import java.util.Map; 015 016import javax.security.auth.login.LoginContext; 017import javax.security.auth.login.LoginException; 018import javax.servlet.http.HttpServletRequest; 019import javax.servlet.http.HttpServletResponse; 020 021/** 022 * Initiate an authentication for the given HTTP request. Implementations are responsible to detect whether the request 023 * contains any known authentication data and perform the authentication if needed. 024 * 025 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 026 */ 027public interface AuthenticationHandler { 028 029 /** 030 * Initialize this handler given a property map. 031 * 032 * @param properties 033 */ 034 void init(Map<String, String> properties); 035 036 /** 037 * Handle the authentication if the request contains any known authentication data. If authentication was done 038 * returns the resulting LoginContext otherwise returns null. If authentication failed throws {@link LoginException} 039 * and the implementation <b>must</b> finish the request by correctly responding to the client or redirecting to 040 * another page - through the given response object. 041 * 042 * @param request the http request 043 * @param response the http response 044 * @return the loginc context if successful, or null if login was not handled. 045 * @throws LoginException if authentication failed. 046 */ 047 LoginContext handleAuthentication(HttpServletRequest request, HttpServletResponse response) throws LoginException; 048 049}