001/* 002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * bstefanescu 018 */ 019package org.nuxeo.ecm.webengine.jaxrs.login; 020 021import java.util.Map; 022 023import javax.security.auth.login.LoginContext; 024import javax.security.auth.login.LoginException; 025import javax.servlet.http.HttpServletRequest; 026import javax.servlet.http.HttpServletResponse; 027 028/** 029 * Initiate an authentication for the given HTTP request. Implementations are responsible to detect whether the request 030 * contains any known authentication data and perform the authentication if needed. 031 * 032 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 033 */ 034public interface AuthenticationHandler { 035 036 /** 037 * Initialize this handler given a property map. 038 * 039 * @param properties 040 */ 041 void init(Map<String, String> properties); 042 043 /** 044 * Handle the authentication if the request contains any known authentication data. If authentication was done 045 * returns the resulting LoginContext otherwise returns null. If authentication failed throws {@link LoginException} 046 * and the implementation <b>must</b> finish the request by correctly responding to the client or redirecting to 047 * another page - through the given response object. 048 * 049 * @param request the http request 050 * @param response the http response 051 * @return the loginc context if successful, or null if login was not handled. 052 * @throws LoginException if authentication failed. 053 */ 054 LoginContext handleAuthentication(HttpServletRequest request, HttpServletResponse response) throws LoginException; 055 056}