001: /*
002: * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Realm.java,v 1.4 2001/07/30 20:04:04 craigmcc Exp $
003: * $Revision: 1.4 $
004: * $Date: 2001/07/30 20:04:04 $
005: *
006: * ====================================================================
007: *
008: * The Apache Software License, Version 1.1
009: *
010: * Copyright (c) 1999 The Apache Software Foundation. All rights
011: * reserved.
012: *
013: * Redistribution and use in source and binary forms, with or without
014: * modification, are permitted provided that the following conditions
015: * are met:
016: *
017: * 1. Redistributions of source code must retain the above copyright
018: * notice, this list of conditions and the following disclaimer.
019: *
020: * 2. Redistributions in binary form must reproduce the above copyright
021: * notice, this list of conditions and the following disclaimer in
022: * the documentation and/or other materials provided with the
023: * distribution.
024: *
025: * 3. The end-user documentation included with the redistribution, if
026: * any, must include the following acknowlegement:
027: * "This product includes software developed by the
028: * Apache Software Foundation (http://www.apache.org/)."
029: * Alternately, this acknowlegement may appear in the software itself,
030: * if and wherever such third-party acknowlegements normally appear.
031: *
032: * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
033: * Foundation" must not be used to endorse or promote products derived
034: * from this software without prior written permission. For written
035: * permission, please contact apache@apache.org.
036: *
037: * 5. Products derived from this software may not be called "Apache"
038: * nor may "Apache" appear in their names without prior written
039: * permission of the Apache Group.
040: *
041: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
042: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
043: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
044: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
045: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
046: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
047: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
048: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
049: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
050: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
051: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
052: * SUCH DAMAGE.
053: * ====================================================================
054: *
055: * This software consists of voluntary contributions made by many
056: * individuals on behalf of the Apache Software Foundation. For more
057: * information on the Apache Software Foundation, please see
058: * <http://www.apache.org/>.
059: *
060: * [Additional notices, if required by prior licensing conditions]
061: *
062: */
063:
064: package org.apache.catalina;
065:
066: import java.beans.PropertyChangeListener;
067: import java.security.Principal;
068: import java.security.cert.X509Certificate;
069:
070: /**
071: * A <b>Realm</b> is a read-only facade for an underlying security realm
072: * used to authenticate individual users, and identify the security roles
073: * associated with those users. Realms can be attached at any Container
074: * level, but will typically only be attached to a Context, or higher level,
075: * Container.
076: *
077: * @author Craig R. McClanahan
078: * @version $Revision: 1.4 $ $Date: 2001/07/30 20:04:04 $
079: */
080:
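public interface Realm {

    // ------------------------------------------------------------- Properties

    /**
     * Return the Container with which this Realm has been associated.
     *
     * @return the associated Container
     */
    Container getContainer();

    /**
     * Set the Container with which this Realm has been associated.
     *
     * @param container The associated Container
     */
    void setContainer(Container container);

    /**
     * Return descriptive information about this Realm implementation and
     * the corresponding version number, in the format
     * <code>&lt;description&gt;/&lt;version&gt;</code>.
     *
     * @return the description/version string for this implementation
     */
    String getInfo();

    // --------------------------------------------------------- Public Methods

    /**
     * Add a property change listener to this component.
     *
     * @param listener The listener to add
     */
    void addPropertyChangeListener(PropertyChangeListener listener);

    /**
     * Return the Principal associated with the specified username and
     * credentials, if there is one; otherwise return <code>null</code>.
     * <p>
     * <code>null</code> is the only failure signal this contract defines, so
     * callers must treat it as "not authenticated" and stop processing the
     * request as that user.
     * <p>
     * NOTE(review): the contract does not say how a backend failure (for
     * example an unreachable user store) is reported; implementations should
     * fail closed and never return a Principal in that case.
     * <p>
     * Implementation guidance: compare secrets with a constant-time
     * comparison such as <code>MessageDigest.isEqual</code>, and keep the
     * credentials out of log and exception messages. A <code>String</code>
     * is immutable, so a credential passed this way cannot be wiped by the
     * caller after use; the <code>byte[]</code> overload can be.
     *
     * @param username Username of the Principal to look up
     * @param credentials Password or other credentials to use in
     *  authenticating this username
     * @return the authenticated Principal, or <code>null</code> if there is
     *  none
     */
    Principal authenticate(String username, String credentials);

    /**
     * Return the Principal associated with the specified username and
     * credentials, if there is one; otherwise return <code>null</code>.
     * <p>
     * Same contract as the <code>String</code> overload, but the credentials
     * arrive as a byte array, which the caller can overwrite once the call
     * returns.
     * <p>
     * NOTE(review): the character encoding used to interpret the bytes is
     * not specified by this interface; confirm against the implementation.
     *
     * @param username Username of the Principal to look up
     * @param credentials Password or other credentials to use in
     *  authenticating this username
     * @return the authenticated Principal, or <code>null</code> if there is
     *  none
     */
    Principal authenticate(String username, byte[] credentials);

    /**
     * Return the Principal associated with the specified username, which
     * matches the digest calculated using the given parameters using the
     * method described in RFC 2069; otherwise return <code>null</code>.
     * <p>
     * NOTE(review): <code>nc</code>, <code>cnonce</code> and
     * <code>qop</code> are not RFC 2069 parameters; they presumably carry
     * the nonce-count, client-nonce and quality-of-protection directives of
     * RFC 2617. Confirm against the implementation and update the RFC
     * reference accordingly.
     * <p>
     * NOTE(review): the nonce is passed in as an opaque value. Whether it is
     * checked for freshness or reuse is not visible in this interface, so
     * replay protection presumably rests with the caller that issued the
     * nonce; confirm.
     * <p>
     * The scheme is MD5-based and gives no confidentiality for the request,
     * so deployments should pair it with TLS.
     *
     * @param username Username of the Principal to look up
     * @param digest Digest which has been submitted by the client
     * @param nonce Unique (or supposedly unique) token which has been used
     *  for this request
     * @param nc Presumably the nonce count sent by the client (TODO confirm)
     * @param cnonce Presumably the client-generated nonce (TODO confirm)
     * @param qop Presumably the quality-of-protection value (TODO confirm)
     * @param realm Realm name
     * @param md5a2 Second MD5 digest used to calculate the digest :
     *  MD5(Method + ":" + uri)
     * @return the authenticated Principal, or <code>null</code> if the
     *  digest does not match
     */
    Principal authenticate(String username, String digest,
                           String nonce, String nc, String cnonce, String qop,
                           String realm, String md5a2);

    /**
     * Return the Principal associated with the specified chain of X509
     * client certificates.  If there is none, return <code>null</code>.
     * <p>
     * NOTE(review): the contract does not state whether the Realm validates
     * the chain (trust path, validity period, revocation) or relies on the
     * TLS layer having done so. Confirm before treating a non-null result as
     * proof of a trusted certificate. Handling of a <code>null</code> or
     * empty array is also unspecified here.
     *
     * @param certs Array of client certificates, with the first one in
     *  the array being the certificate of the client itself.
     * @return the Principal mapped to the client certificate, or
     *  <code>null</code> if there is none
     */
    Principal authenticate(X509Certificate[] certs);

    /**
     * Return <code>true</code> if the specified Principal has the specified
     * security role, within the context of this Realm; otherwise return
     * <code>false</code>.
     * <p>
     * NOTE(review): behaviour for a <code>null</code> principal or role is
     * not specified here; implementations should deny (return
     * <code>false</code>) rather than throw or grant.
     *
     * @param principal Principal for whom the role is to be checked
     * @param role Security role to be checked
     * @return <code>true</code> if the Principal holds the role in this
     *  Realm, <code>false</code> otherwise
     */
    boolean hasRole(Principal principal, String role);

    /**
     * Remove a property change listener from this component.
     *
     * @param listener The listener to remove
     */
    void removePropertyChangeListener(PropertyChangeListener listener);

}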