001/* 002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the Eclipse Public License v1.0 006 * which accompanies this distribution, and is available at 007 * http://www.eclipse.org/legal/epl-v10.html 008 * 009 * Contributors: 010 * Nuxeo - initial API and implementation 011 * 012 * $Id$ 013 */ 014 015package org.nuxeo.runtime.api.login; 016 017import java.security.Principal; 018 019import javax.security.auth.callback.CallbackHandler; 020import javax.security.auth.login.LoginContext; 021import javax.security.auth.login.LoginException; 022 023/** 024 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 025 */ 026public interface LoginService { 027 028 /** 029 * System login, using a private principal that has all privileges. This principal is not stored in any database and 030 * cannot be accessed by user. 031 * <p> 032 * The method requires the caller to have the {@link SystemLoginPermission} permission. 033 * 034 * @return the login context 035 */ 036 LoginContext login() throws LoginException; 037 038 /** 039 * System login, using a private principal that has all privileges. This principal is not stored in any database and 040 * cannot be accessed by user. 041 * <p> 042 * The method requires the caller to have the {@link SystemLoginPermission} permission. 043 * 044 * @param username the username that originated the system login 045 * @return the login context 046 */ 047 LoginContext loginAs(String username) throws LoginException; 048 049 /** 050 * Client login using the given username and password. 051 */ 052 LoginContext login(String username, Object credentials) throws LoginException; 053 054 /** 055 * Client login using a custom callback handler to retrieve login info. 056 * 057 * @param cbHandler the callback handler to use to retrieve the login info 058 * @return the login context 059 */ 060 LoginContext login(CallbackHandler cbHandler) throws LoginException; 061 062 SecurityDomain getSecurityDomain(String name); 063 064 void addSecurityDomain(SecurityDomain domain); 065 066 boolean isSystemId(Principal principal); 067 068 void removeSecurityDomain(String name); 069 070 SecurityDomain[] getSecurityDomains(); 071 072 void removeSecurityDomains(); 073 074}