org.apache.cocoon.auth
Interface SecurityHandler

All Known Implementing Classes:
AbstractSecurityHandler, AnonymousSecurityHandler, DBSecurityHandler, PipelineSecurityHandler, ServletSecurityHandler

public interface SecurityHandler

The Security Handler A security handler is the connection between the web application and the backend system managing the users. A handler offers two main methods: one for login and one for logout. The login method tries to authenticate the current user and returns a User object on success. A SecurityHandler must be implemented in a thread safe manner.

Version:
$Id: SecurityHandler.html 1304258 2012-03-23 10:09:27Z ilgrosso $

Method Summary
 String getId()
          Return a unique identifier for this security handler.
 User login(Map context)
          Try to authenticate the user.
 void logout(Map context, User user)
          This notifies the security-handler that a user logs out.
 

Method Detail

login

User login(Map context)
           throws Exception
Try to authenticate the user.

Parameters:
context - The context for the login operation.
Returns:
The user if the authentication is successful, null otherwise.
Throws:
Exception - If something goes wrong.

logout

void logout(Map context,
            User user)
This notifies the security-handler that a user logs out.

Parameters:
context - The context for the login operation.
user - The user object.

getId

String getId()
Return a unique identifier for this security handler. For session replication to work, a security handler must deliver the same identifier across systems!

Returns:
A unique identifier.


Copyright © 1999-2010 The Apache Software Foundation. All Rights Reserved.