Package net.officefloor.web.spi.security

Interface HttpSecurity<A,AC extends Serializable,C,O extends Enum<O>,F extends Enum<F>>

All Known Implementing Classes:

AbstractMockHttpSecuritySource, AnonymousHttpSecuritySource, JwtHttpSecuritySource, MockChallengeHttpSecuritySource, MockFlowHttpSecuritySource

public interface HttpSecurity<A,AC extends Serializable,C,O extends Enum<O>,F extends Enum<F>>

HTTP security.

Author:

Daniel Sagenschneider

Method Summary

Modifier and Type	Method	Description
void	authenticate(C credentials, AuthenticateContext<AC,O,F> context)	Undertakes authentication.
void	challenge(ChallengeContext<O,F> context)	Triggers the authentication challenge to the client.
A	createAuthentication(AuthenticationContext<AC,C> context)	Creates the custom authentication.
void	logout(LogoutContext<O,F> context)	Logs out.
boolean	ratify(C credentials, RatifyContext<AC> context)	Ratifies whether enough information is available to undertake authentication.

Method Details

createAuthentication

A createAuthentication(AuthenticationContext<AC,C> context)

Creates the custom authentication.

Parameters:

context - AuthenticateContext.

Returns:

Custom authentication.

ratify

boolean ratify(C credentials,
 RatifyContext<AC> context)

Ratifies whether enough information is available to undertake authentication.

As authentication will likely require communication with external services (LDAP store, database, etc), this method allows checking whether enough information is available to undertake the authentication. The purpose is to avoid the ManagedFunction depending on dependencies of authentication subsequently causing execution by different Team. This is especially as the majority of HttpRequest servicing will use the HttpSession to cache details and not require the authentication dependencies causing the swap in Team.

Parameters:

credentials - Credentials.

context - RatifyContext.

Returns:

true should enough information be available to undertake authentication. false if not enough information is available for authentication.

authenticate

void authenticate(C credentials,
 AuthenticateContext<AC,O,F> context)
           throws HttpException

Undertakes authentication.

Parameters:

credentials - Credentials.

context - AuthenticateContext.

Throws:

HttpException - If failure in communicating to necessary security services.

challenge

void challenge(ChallengeContext<O,F> context)
        throws HttpException

Triggers the authentication challenge to the client.

Parameters:

context - ChallengeContext.

Throws:

HttpException - If failure in communicating to necessary security services.

logout

void logout(LogoutContext<O,F> context)
     throws HttpException

Logs out.

Parameters:

context - LogoutContext.

Throws:

HttpException - If failure in communicating to necessary security services.