1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
/**
* This file is part of the CRISTAL-iSE kernel.
* Copyright (c) 2001-2014 The CRISTAL Consortium. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; with out even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library; if not, write to the Free Software Foundation,
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
*
* http://www.fsf.org/licensing/licenses/lgpl.html
*/
package com.c2kernel.process.auth;
import com.c2kernel.common.InvalidDataException;
import com.c2kernel.common.ObjectNotFoundException;
/**
* This interface is used by the kernel to store an authenticated connection
* and/or token that will be used by kernel components. The CRISTAL property
* 'Authenticator' is used to specify the implementation used. It is
* instantiated by the connect() methods of the Gateway, and will be found in
* the AgentProxy returned by connect(). Lookup and ClusterStorage instances are
* initialized with this Authenticator, which is expected to maintain the same
* user's connection through the process lifetime, reconnecting if the
* connection is lost.
*
* @since 3.0
*
*/
public interface Authenticator {
/**
* Authenticates a CRISTAL agent. If this method returns true, then the
* connect method will create and return an AgentProxy for the given
* username using the Lookup and ProxyManager.
*
* @param agentName
* The username of the Agent to be authenticated. This must be
* already present as an Agent in the CRISTAL directory.
* @param password
* The Agent's password
* @param resource
* The authentication resource/domain/realm of the agent.
* Included so that domains may include CRISTAL users from
* different realms. This parameter is passed into the connect()
* method if required. May be null.
* @return a boolean indicating if the authentication was successful. If so,
* then the Gateway will generate an AgentProxy for the given user.
* @throws ObjectNotFoundException
* When the Agent doesn't exist
* @throws InvalidDataException
* When authentication fails for another reason
*/
public boolean authenticate(String agentName, String password,
String resource) throws InvalidDataException,
ObjectNotFoundException;
/**
* Authenticates a superuser connection for the server. It must be able to
* act on behalf of any other Agent, as the server needs to do this.
* Credentials may be in the CRISTAL properties, or some other mechanism.
*
* @param resource
* @return
* @throws InvalidDataException
* @throws ObjectNotFoundException
*/
public boolean authenticate(String resource) throws InvalidDataException,
ObjectNotFoundException;
/**
* Lookup and storage implementations that need to use user or superuser
* authentication can retrieve it using this method. This will be highly
* implementation specific.
*
* @return the connection/token created during authentication
*/
public Object getAuthObject();
/**
* Close or expire the connection as the CRISTAL process shuts down.
*/
public void disconnect();
}
|
