1 // ======================================================================== 2 // Copyright 2000-2005 Mort Bay Consulting Pty. Ltd. 3 // ------------------------------------------------------------------------ 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // Unless required by applicable law or agreed to in writing, software 9 // distributed under the License is distributed on an "AS IS" BASIS, 10 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 // See the License for the specific language governing permissions and 12 // limitations under the License. 13 // ======================================================================== 14 15 package org.mortbay.jetty.security; 16 17 import java.security.Principal; 18 19 import org.mortbay.jetty.Request; 20 import org.mortbay.jetty.Response; 21 import org.mortbay.jetty.UserRealm; 22 23 24 /* ------------------------------------------------------------ */ 25 /** Single Sign On Realm. 26 * This interface is a mix-in interface for the UserRealm interface. If an 27 * implementation of UserRealm also implements SSORealm, then single signon 28 * is supported for that realm. 29 30 * @see UserRealm 31 * @author Greg Wilkins (gregw) 32 */ 33 34 public interface SSORealm 35 { 36 /** Get SSO credentials. 37 * This call is used by an authenticator to check if a SSO exists for a request. 38 * If SSO authentiation is successful, the requests UserPrincipal and 39 * AuthUser fields are set. If available, the credential used to 40 * authenticate the user is returned. If recoverable credentials are not required then 41 * null may be return. 42 * @param request The request to SSO. 43 * @param response The response to SSO. 44 * @return A credential if available for SSO authenticated requests. 45 */ 46 public Credential getSingleSignOn(Request request,Response response); 47 48 /** Set SSO principal and credential. 49 * This call is used by an authenticator to inform the SSO mechanism that 50 * a user has signed on. The SSO mechanism should record the principal 51 * and credential and update the response with any cookies etc. required. 52 * @param request The authenticated request. 53 * @param response The authenticated response/ 54 * @param principal The principal that has been authenticated. 55 * @param credential The credentials used to authenticate. 56 */ 57 58 public void setSingleSignOn(Request request, 59 Response response, 60 Principal principal, 61 Credential credential); 62 63 /** Clear SSO for user. 64 * @param username The user to clear. 65 */ 66 public void clearSingleSignOn(String username); 67 }