1 // ========================================================================
2 // Copyright 2000-2005 Mort Bay Consulting Pty. Ltd.
3 // ------------------------------------------------------------------------
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 // http://www.apache.org/licenses/LICENSE-2.0
8 // Unless required by applicable law or agreed to in writing, software
9 // distributed under the License is distributed on an "AS IS" BASIS,
10 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11 // See the License for the specific language governing permissions and
12 // limitations under the License.
13 // ========================================================================
14
15 package org.mortbay.jetty.security;
16
17 import java.security.Principal;
18
19 import org.mortbay.jetty.Request;
20 import org.mortbay.jetty.Response;
21
22
23 /* ------------------------------------------------------------ */
24 /** Single Sign On Realm.
25 * This interface is a mix-in interface for the UserRealm interface. If an
26 * implementation of UserRealm also implements SSORealm, then single signon
27 * is supported for that realm.
28
29 * @see UserRealm
30 * @author Greg Wilkins (gregw)
31 */
32
33 public interface SSORealm
34 {
35 /** Get SSO credentials.
36 * This call is used by an authenticator to check if a SSO exists for a request.
37 * If SSO authentiation is successful, the requests UserPrincipal and
38 * AuthUser fields are set. If available, the credential used to
39 * authenticate the user is returned. If recoverable credentials are not required then
40 * null may be return.
41 * @param request The request to SSO.
42 * @param response The response to SSO.
43 * @return A credential if available for SSO authenticated requests.
44 */
45 public Credential getSingleSignOn(Request request,Response response);
46
47 /** Set SSO principal and credential.
48 * This call is used by an authenticator to inform the SSO mechanism that
49 * a user has signed on. The SSO mechanism should record the principal
50 * and credential and update the response with any cookies etc. required.
51 * @param request The authenticated request.
52 * @param response The authenticated response/
53 * @param principal The principal that has been authenticated.
54 * @param credential The credentials used to authenticate.
55 */
56
57 public void setSingleSignOn(Request request,
58 Response response,
59 Principal principal,
60 Credential credential);
61
62 /** Clear SSO for user.
63 * @param username The user to clear.
64 */
65 public void clearSingleSignOn(String username);
66 }