1   // ========================================================================
2   // Copyright 2000-2005 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // Licensed under the Apache License, Version 2.0 (the "License");
5   // you may not use this file except in compliance with the License.
6   // You may obtain a copy of the License at 
7   // http://www.apache.org/licenses/LICENSE-2.0
8   // Unless required by applicable law or agreed to in writing, software
9   // distributed under the License is distributed on an "AS IS" BASIS,
10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  // See the License for the specific language governing permissions and
12  // limitations under the License.
13  // ========================================================================
14  
15  package org.mortbay.jetty.security;
16  
17  import java.security.Principal;
18  
19  import org.mortbay.jetty.Request;
20  import org.mortbay.jetty.Response;
21  import org.mortbay.jetty.UserRealm;
22  
23  
24  /* ------------------------------------------------------------ */
25  /** Single Sign On Realm.
26   * This interface is a mix-in interface for the UserRealm interface. If an
27   * implementation of UserRealm also implements SSORealm, then single signon
28   * is supported for that realm.
29   
30   * @see UserRealm
31   * @author Greg Wilkins (gregw)
32   */
33  
34  public interface SSORealm
35  {
36      /** Get SSO credentials.
37       * This call is used by an authenticator to check if a SSO exists for a request.
38       * If SSO authentiation is successful, the requests UserPrincipal and
39       * AuthUser fields are set.  If available, the credential used to
40       * authenticate the user is returned. If recoverable credentials are not required then
41       * null may be return.
42       * @param request The request to SSO.
43       * @param response The response to SSO.
44       * @return A credential if available for SSO authenticated requests.
45       */
46      public Credential getSingleSignOn(Request request,Response response);
47      
48      /** Set SSO principal and credential.
49       * This call is used by an authenticator to inform the SSO mechanism that
50       * a user has signed on. The SSO mechanism should record the principal
51       * and credential and update the response with any cookies etc. required. 
52       * @param request The authenticated request.
53       * @param response The authenticated response/
54       * @param principal The principal that has been authenticated.
55       * @param credential The credentials used to authenticate.
56       */
57      
58      public void setSingleSignOn(Request request,
59                                  Response response,
60                                  Principal principal,
61                                  Credential credential);
62      
63      /** Clear SSO for user.
64       * @param username The user to clear.
65       */
66      public void clearSingleSignOn(String username);
67  }