AuthenticationService.java example

Explorer
spacewalk-master
/**
 * Copyright (c) 2009--2012 Red Hat, Inc.
 *
 * This software is licensed to you under the GNU General Public License,
 * version 2 (GPLv2). There is NO WARRANTY for this software, express or
 * implied, including the implied warranties of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
 * along with this software; if not, see
 * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
 *
 * Red Hat trademarks are not licensed under GPLv2. No permission is
 * granted to use or replicate Red Hat trademarks that are incorporated
 * in this software or its documentation.
 */
package com.redhat.rhn.frontend.security;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 *
 * An AuthenticationService is a service that encapsulates authentication logic in coarse-
 * grained operations. Note that this service does not handle logins.
 *
 * @version $Rev$
 */
public interface AuthenticationService {

    /**
     * Validate whatever credentials are associated with the request. For hosted, this will
     * be the sso cookie, and for satellite, this will be the pxt cookie. If validation
     * fails, implementors should throw an AuthenticationException. Note that if an
     * implementation does not support/implement this operation, an AuthenticationException
     * should be thrown, and not an UnsupportedOperationException.
     *
     * @param request The current request
     *
     * @param response The current response
     *
     * @return True is validation succeeds, false otherwise.
     *
     * @throws ServletException If an unrecoverable error occurs
     */
    boolean validate(HttpServletRequest request, HttpServletResponse response)
        throws ServletException;

    /**
     * CSFR check might be skipped for particular POST requests f.e. all login
     * pages
     * @param request The current request
     * @return True if CSFR check shall be skipped for current request
     */
    boolean skipCsfr(HttpServletRequest request);

    /**
     * Redirects the request to whatever resource handles logins. This method is typically
     * invoked after a call to {@link #validate(HttpServletRequest, HttpServletResponse)}
     * fails. Note that the redirect may be client-side or server-side, and it may be to an
     * external or an internal resource.
     *
     * @param request the request
     * @param response the response
     * @throws ServletException If an unrecoverable error occurs
     */
    void redirectToLogin(HttpServletRequest request, HttpServletResponse response)
        throws ServletException;

    /**
     * Redirects the request to a different page
     * Used in restricted period after grace period has expired to prevent basic satellite
     * functionality
     *
     * @param request the request
     * @param response the response
     * @param path where to redirect
     * @throws ServletException If an unrecoverable error occurs
     */
    void redirectTo(HttpServletRequest request, HttpServletResponse response, String path)
            throws ServletException;

    /**
     * Invalidates login credentials associated with the given request.
     *
     * @param request The current request
     * @param response The current response
     * @throws ServletException If an unrecoverable error occurs
     */
    void invalidate(HttpServletRequest request, HttpServletResponse response)
        throws ServletException;
}