001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.wicket.authentication;
018:
019: import org.apache.wicket.Request;
020: import org.apache.wicket.Session;
021: import org.apache.wicket.authorization.strategies.role.Roles;
022: import org.apache.wicket.protocol.http.WebSession;
023:
/**
 * Basic authenticated web session. Subclasses supply the credential check
 * ({@link #authenticate(String, String)}) and the role lookup
 * ({@link #getRoles()}); this class only tracks whether the last credential
 * check succeeded.
 * <p>
 * The signed-in flag is the only authentication state held here. This class
 * does not itself renew the session id on login, limit failed attempts or
 * record sign-in events. NOTE(review): confirm that those controls are
 * provided by the container, the superclass or the concrete subclass.
 *
 * @author Jonathan Locke
 */
public abstract class AuthenticatedWebSession extends WebSession {
    /**
     * True while the user is signed in. Written only by
     * {@link #signIn(String, String)} and {@link #signOut()}.
     */
    // Plain field: neither volatile nor guarded by a lock in this class.
    // NOTE(review): if one session can be used by concurrent requests,
    // visibility of this flag relies on synchronization elsewhere; confirm.
    private boolean signedIn;

    /**
     * Returns the session obtained from {@code Session.get()}, narrowed to
     * this type.
     *
     * @return Current authenticated web session
     * @throws ClassCastException
     *             if the session returned by {@code Session.get()} is not an
     *             {@code AuthenticatedWebSession}
     */
    public static AuthenticatedWebSession get() {
        final Session current = Session.get();
        return (AuthenticatedWebSession) current;
    }

    /**
     * Construct. The session starts signed out.
     *
     * @param application
     *            The web application
     * @param request
     *            The current request object
     */
    public AuthenticatedWebSession(
            final AuthenticatedWebApplication application,
            Request request) {
        super(application, request);
    }

    /**
     * Authenticates this session using the given username and password.
     * <p>
     * How the credentials are verified is entirely up to the implementation;
     * nothing in this class validates or constrains the arguments before they
     * arrive here. Implementations should keep the password out of logs and
     * error messages.
     *
     * @param username
     *            The username
     * @param password
     *            The password
     * @return True if the user was authenticated successfully
     */
    public abstract boolean authenticate(final String username,
            final String password);

    /**
     * Reports the roles this session holds.
     * <p>
     * NOTE(review): this class does not tie the result to the signed-in flag;
     * presumably implementations return no roles for a session that is not
     * signed in. Confirm in each subclass.
     *
     * @return Get the roles that this session can play
     */
    public abstract Roles getRoles();

    /**
     * @return True if the user is signed in to this session
     */
    public final boolean isSignedIn() {
        return this.signedIn;
    }

    /**
     * Signs user in by authenticating them with a username and password.
     * <p>
     * The signed-in flag is overwritten with the outcome of every call, so a
     * failed attempt on a session that was already signed in leaves it signed
     * out. If {@link #authenticate(String, String)} throws, the flag keeps its
     * previous value.
     *
     * @param username
     *            The username
     * @param password
     *            The password
     * @return True if the user was signed in successfully
     */
    public final boolean signIn(final String username,
            final String password) {
        final boolean authenticated = authenticate(username, password);
        this.signedIn = authenticated;
        return authenticated;
    }

    /**
     * Sign the user out.
     * <p>
     * Only the signed-in flag is cleared here. Unlike
     * {@link #signIn(String, String)} this method is not final; because the
     * flag is private, an override that does not call
     * {@code super.signOut()} leaves the session signed in.
     * NOTE(review): the session itself is not invalidated by this method, so
     * other state stored in it presumably survives sign-out. Confirm whether
     * callers are expected to invalidate the session as well.
     */
    public void signOut() {
        this.signedIn = false;
    }
}