001/*
002 * Copyright (c) 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the Eclipse Public License v1.0
006 * which accompanies this distribution, and is available at
007 * http://www.eclipse.org/legal/epl-v10.html
008 *
009 * Contributors:
010 *     Nuxeo - initial API and implementation
011 *
012 * $Id$
013 */
014
015package org.nuxeo.runtime.api.login;
016
017import java.security.Principal;
018
019import javax.security.auth.callback.CallbackHandler;
020import javax.security.auth.login.LoginContext;
021import javax.security.auth.login.LoginException;
022
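/**
 * Entry point for obtaining JAAS {@link LoginContext}s and for managing the {@link SecurityDomain}s known to the
 * runtime.
 * <p>
 * Two kinds of login are exposed: <em>system</em> logins ({@link #login()}, {@link #loginAs(String)}), which use a
 * private all-privileges principal, and <em>client</em> logins ({@link #login(String, Object)},
 * {@link #login(CallbackHandler)}), which authenticate with caller-supplied login information.
 * <p>
 * NOTE(review): the interface does not say whether a returned context must be closed by the caller. Since a system
 * login carries all privileges, callers should presumably call {@link LoginContext#logout()} (for example in a
 * {@code finally} block) as soon as the privileged work is done. Confirm against the implementation.
 *
 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a>
 */
public interface LoginService {

    /**
     * System login, using a private principal that has all privileges. This principal is not stored in any database
     * and cannot be accessed by users.
     * <p>
     * The method requires the caller to have the {@link SystemLoginPermission} permission.
     *
     * @return the login context
     * @throws LoginException if the login fails
     */
    LoginContext login() throws LoginException;

    /**
     * System login, using a private principal that has all privileges. This principal is not stored in any database
     * and cannot be accessed by users.
     * <p>
     * The method requires the caller to have the {@link SystemLoginPermission} permission.
     * <p>
     * NOTE(review): no credentials are passed for {@code username}, and nothing in this interface says the name is
     * verified. It appears to be recorded only as the originator of the system login, so it should not be treated as
     * proof that this user authenticated. Confirm against the implementation.
     *
     * @param username the username that originated the system login
     * @return the login context
     * @throws LoginException if the login fails
     */
    LoginContext loginAs(String username) throws LoginException;

    /**
     * Client login using the given username and password.
     * <p>
     * NOTE(review): {@code credentials} is typed as {@code Object}, so the accepted credential types are defined by
     * the implementation. Callers and implementers should keep the value out of logs and exception messages.
     *
     * @param username the name of the user to log in
     * @param credentials the user's credentials (a password, per the summary above)
     * @return the login context
     * @throws LoginException if the login fails
     */
    LoginContext login(String username, Object credentials) throws LoginException;

    /**
     * Client login using a custom callback handler to retrieve login info.
     *
     * @param cbHandler the callback handler to use to retrieve the login info
     * @return the login context
     * @throws LoginException if the login fails
     */
    LoginContext login(CallbackHandler cbHandler) throws LoginException;

    /**
     * Looks up a security domain by name.
     * <p>
     * NOTE(review): the result for an unknown name (for example {@code null}) is not specified here.
     *
     * @param name the name of the security domain
     * @return the matching security domain
     */
    SecurityDomain getSecurityDomain(String name);

    /**
     * Adds a security domain to this service.
     * <p>
     * NOTE(review): unlike the system login methods, no required permission is documented for this call. Because it
     * presumably changes how logins are resolved, confirm that implementations restrict who may invoke it, and what
     * happens when a domain with the same name already exists.
     *
     * @param domain the security domain to add
     */
    void addSecurityDomain(SecurityDomain domain);

    /**
     * Tests whether the given principal is a system identity.
     * <p>
     * NOTE(review): presumably this recognises the private principal used by {@link #login()} and
     * {@link #loginAs(String)}. How the principal is recognised is implementation-defined. If the result is used for
     * authorization decisions, confirm that the check does not rest on the principal's name alone.
     *
     * @param principal the principal to test
     * @return {@code true} if the principal is a system identity
     */
    boolean isSystemId(Principal principal);

    /**
     * Removes the security domain with the given name.
     * <p>
     * NOTE(review): no required permission is documented for this call. Confirm that implementations restrict who may
     * invoke it.
     *
     * @param name the name of the security domain to remove
     */
    void removeSecurityDomain(String name);

    /**
     * Returns the security domains known to this service.
     * <p>
     * NOTE(review): it is not specified whether the returned array is a copy or is backed by internal state.
     *
     * @return the security domains
     */
    SecurityDomain[] getSecurityDomains();

    /**
     * Removes all security domains from this service.
     * <p>
     * NOTE(review): no required permission is documented for this call. Confirm that implementations restrict who may
     * invoke it.
     */
    void removeSecurityDomains();

}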