| Line | Hits | Source |
|---|---|---|
| 1 | /* | |
| 2 | Chrysalis Web Framework [http://chrysalis.sourceforge.net] | |
| 3 | Copyright (c) 2002, 2003, 2004, Paul Strack | |
| 4 | ||
| 5 | All rights reserved. | |
| 6 | ||
| 7 | Redistribution and use in source and binary forms, with or without | |
| 8 | modification, are permitted provided that the following conditions are met: | |
| 9 | ||
| 10 | 1. Redistributions of source code must retain the above copyright notice, this | |
| 11 | list of conditions and the following disclaimer. | |
| 12 | ||
| 13 | 2. Redistributions in binary form must reproduce the above copyright notice, | |
| 14 | this list of conditions and the following disclaimer in the documentation | |
| 15 | and/or other materials provided with the distribution. | |
| 16 | ||
| 17 | 3. Neither the name of the copyright holder nor the names of its contributors | |
| 18 | may be used to endorse or promote products derived from this software without | |
| 19 | specific prior written permission. | |
| 20 | ||
| 21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND | |
| 22 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
| 23 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
| 24 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR | |
| 25 | ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
| 26 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
| 27 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 28 | ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
| 29 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
| 30 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 31 | */ | |
| 32 | ||
| 33 | package org.chwf.plugin; | |
| 34 | ||
| 35 | import org.chwf.config.ConfigFactory; | |
| 36 | import org.chwf.registry.RegistryException; | |
| 37 | import org.chwf.registry.UserRegistry; | |
| 38 | ||
| 39 | /** | |
| 40 | * An abstract superclass for custom user information. This plugin class | |
| 41 | * can be used to define custom authentication mechanisms for the Chrysalis | |
| 42 | * framework. Unlike most plugins, the <code>User</code> plugin is a | |
| 43 | * per-user singleton rather than a global singleton. | |
| 44 | * | |
| 45 | * @author <a href="mailto:pfstrack@users.sourceforge.net">Paul Strack</a> | |
| 46 | */ | |
| 47 | 1 | public abstract class User { |
| 48 | ||
| 49 | /** Special role requiring only authentication. */ | |
| 50 | public static final String AUTHENTICATED = "AUTHENTICATED"; | |
| 51 | ||
| 52 | /** The default user plugin. */ | |
| 53 | private static final String DEFAULT_USER = | |
| 54 | "org.chwf.plugin.defaults.DefaultUser"; | |
| 55 | ||
| 56 | /** The user class specified in the configuration. */ | |
| 57 | 1 | private static final String USER_CLASS = |
| 58 | ConfigFactory.getConfig(User.class).get("user.class", DEFAULT_USER); | |
| 59 | ||
| 60 | /** Parameter that stores post-login redirects. */ | |
| 61 | public static final String REDIRECT_PARAMETER = "redirect"; | |
| 62 | ||
| 63 | /** | |
| 64 | * Returns the current <code>User</code> object. This object will contain | |
| 65 | * no information if no user is currently logged in. Any custom login | |
| 66 | * operation should populate the <code>User</code> object with appropriate | |
| 67 | * authentication data.<p> | |
| 68 | * | |
| 69 | * @throws RegistryException If the user class cannot be initialized. | |
| 70 | * @return The user. | |
| 71 | */ | |
| 72 | public static User getInstance() throws RegistryException { | |
| 73 | 14 | return (User) UserRegistry.getSingleton(USER_CLASS); |
| 74 | } | |
| 75 | ||
| 76 | /** No-op constructor. */ | |
| 77 | 14 | protected User() { |
| 78 | 14 | } |
| 79 | ||
| 80 | /** | |
| 81 | * Retrieve the user ID (if available) used to log in this user.<p> | |
| 82 | * | |
| 83 | * @return User id or <code>null</code> if not logged in. | |
| 84 | */ | |
| 85 | public abstract String getUserID(); | |
| 86 | ||
| 87 | /** | |
| 88 | * True if the user is in the specified role.<p> | |
| 89 | * | |
| 90 | * @param role The role. | |
| 91 | * @return True if the user is in the specified role. | |
| 92 | */ | |
| 93 | public abstract boolean isInRole(String role); | |
| 94 | ||
| 95 | /** | |
| 96 | * True if the user has logged in.<p> | |
| 97 | * | |
| 98 | * @return True if the user has logged in. | |
| 99 | */ | |
| 100 | public abstract boolean isAuthenticated(); | |
| 101 | ||
| 102 | /** | |
| 103 | * A string name for the authentication mechanism.<p> | |
| 104 | * | |
| 105 | * @return The authentication mechanism or <code>null</code> if not logged in. | |
| 106 | */ | |
| 107 | public abstract String getAuthType(); | |
| 108 | ||
| 109 | /** | |
| 110 | * Log the user out. This method should also invalidate the user's session. | |
| 111 | * This method may not completely log out the user, because some mechanisms | |
| 112 | * (e.g. Basic HTTP authentication) will immediately log the user back in | |
| 113 | * for the next request.<p> | |
| 114 | */ | |
| 115 | public abstract void logout(); | |
| 116 | ||
| 117 | /** | |
| 118 | * <p>Method that checks roles user roles. This method should throw | |
| 119 | * a {@link SecurityException} if the user's role is invalid.</p> | |
| 120 | * | |
| 121 | * @param roles The expected security roles. | |
| 122 | * @throws AuthenticationException With error message for security failure. | |
| 123 | */ | |
| 124 | public abstract void check(String[] roles) throws AuthenticationException; | |
| 125 | } |
|
this report was generated by version 1.0.5 of jcoverage. |
copyright © 2003, jcoverage ltd. all rights reserved. |