You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2008/09/04 13:40:37 UTC
svn commit: r691975 - in
/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security:
UserManager.java spi/AuthenticatedUser.java
Author: ate
Date: Thu Sep 4 04:40:36 2008
New Revision: 691975
URL: http://svn.apache.org/viewvc?rev=691975&view=rev
Log:
Refactoring UserManager a bit:
- no longer provides authentication support (which should be done separately through an AuthenticationProvider)
- new methods to retrieve the Subject for an authenticated user (a User instance no longer provides that)
- allow creating a Subject using (and optionally merging) credentials already retrieved like by an external AuthenticationProvider
Added:
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java (with props)
Modified:
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/UserManager.java
Modified: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/UserManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/UserManager.java?rev=691975&r1=691974&r2=691975&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/UserManager.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/UserManager.java Thu Sep 4 04:40:36 2008
@@ -20,6 +20,10 @@
import java.util.Collection;
import java.util.List;
+import javax.security.auth.Subject;
+
+import org.apache.jetspeed.security.spi.AuthenticatedUser;
+
/**
* <p>
* Describes the interface for managing users and provides access to the
@@ -37,20 +41,11 @@
/**
* <p>
- * Authenticate a user.
+ * Add a new user provided a username and password.
* </p>
- *
- * @param username The user name.
- * @param password The user password.
- * @return Whether or not a user is authenticated.
- */
- boolean authenticate(String username, String password);
-
- /**
* <p>
- * Add a new user provided a username and password.
+ * If an external security storage manager is used, the user will be mapped/replicated to it as well.
* </p>
- *
* @param username The user name.
* @param password The password.
* @throws Throws a security exception.
@@ -59,16 +54,15 @@
/**
* <p>
- * Add a new user provided a username and password in the specified authentication
- * provider store.
+ * Add a new user provided a username and password and optionally map/replicate it to an external storage manager (if configured).
* </p>
*
* @param username The user name.
* @param password The password.
- * @param atnProviderName The authentication provider name.
+ * @param mapped if the new User should be mapped/replicated to an external security storage manager (if used) or not.
* @throws Throws a security exception.
*/
- void addUser(String username, String password, String atnProviderName) throws SecurityException;
+ void addUser(String username, String password, boolean mapped) throws SecurityException;
/**
@@ -78,26 +72,12 @@
*
* @param username The user name.
* @param password The password.
+ * @param mapped if the new User should be mapped/replicated to an external security storage manager (if used) or not.
* @param passThrough If true the provided password will not be validated/encoded
* @throws Throws a security exception.
*/
- void importUser(String username, String password, boolean passThrough) throws SecurityException;
-
- /**
- * <p>
- * Import a new user with username and password in the specified authentication
- * provider store and allow to bypass the enconding algorithm
- * </p>
- *
- * @param username The user name.
- * @param password The password.
- * @param atnProviderName The authentication provider name.
- * @param passThrough If true the provided password will not be validated/encoded
- * @throws Throws a security exception.
- */
- void importUser(String username, String password, String atnProviderName, boolean passThrough) throws SecurityException;
+ void addUser(String username, String password, boolean mapped, boolean passThrough) throws SecurityException;
-
/**
* <p>
* Remove a user. If there user attributes associated with this user, they will be removed as well.
@@ -134,6 +114,29 @@
/**
* <p>
+ * Get a Subject for a given username.
+ * </p>
+ *
+ * @param username The username.
+ * @return The Subject.
+ * @throws Throws a security exception if the user cannot be found
+ */
+ Subject getSubject(String username) throws SecurityException;
+
+ /**
+ * <p>
+ * Get a Subject for an (externally) authenticated user with (optionally) already provided credentials.
+ * </p>
+ *
+ * @param user The authenticated user.
+ * @param mergeCredentials indicate if provided credentials should be merged with the Jetspeed Credentials for the user (if available).
+ * @return The Subject.
+ * @throws Throws a security exception if the user cannot be found
+ */
+ Subject getSubject(AuthenticatedUser user, boolean mergeCredentials) throws SecurityException;
+
+ /**
+ * <p>
* An iterator of {@link User}finding users matching the corresponding
* filter criteria.
* </p>
Added: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java?rev=691975&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java (added)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java Thu Sep 4 04:40:36 2008
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.jetspeed.security.spi;
+
+import java.util.Set;
+
+/**
+ * @version $Id$
+ *
+ */
+public interface AuthenticatedUser
+{
+ String getUserName();
+ Set<Object> getPublicCredentials();
+ Set<Object> getPrivateCredentials();
+}
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java
------------------------------------------------------------------------------
svn:keywords = Id
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/spi/AuthenticatedUser.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org