001/* 
002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     bstefanescu
018 */
019package org.nuxeo.ecm.webengine.jaxrs.login;
020
021import java.util.Map;
022
023import javax.security.auth.login.LoginContext;
024import javax.security.auth.login.LoginException;
025import javax.servlet.http.HttpServletRequest;
026import javax.servlet.http.HttpServletResponse;
027
028/**
029 * Initiate an authentication for the given HTTP request. Implementations are responsible to detect whether the request
030 * contains any known authentication data and perform the authentication if needed.
031 *
032 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a>
033 */
034public interface AuthenticationHandler {
035
036    /**
037     * Initialize this handler given a property map.
038     *
039     * @param properties
040     */
041    void init(Map<String, String> properties);
042
043    /**
044     * Handle the authentication if the request contains any known authentication data. If authentication was done
045     * returns the resulting LoginContext otherwise returns null. If authentication failed throws {@link LoginException}
046     * and the implementation <b>must</b> finish the request by correctly responding to the client or redirecting to
047     * another page - through the given response object.
048     *
049     * @param request the http request
050     * @param response the http response
051     * @return the loginc context if successful, or null if login was not handled.
052     * @throws LoginException if authentication failed.
053     */
054    LoginContext handleAuthentication(HttpServletRequest request, HttpServletResponse response) throws LoginException;
055
056}