This project has retired. For details please refer to its Attic page.

org.apache.cocoon.auth
Interface SecurityHandler

All Known Implementing Classes:

AbstractSecurityHandler, AnonymousSecurityHandler, DBSecurityHandler, PipelineSecurityHandler, ServletSecurityHandler

public interface SecurityHandler

The Security Handler A security handler is the connection between the web application and the backend system managing the users. A handler offers two main methods: one for login and one for logout. The login method tries to authenticate the current user and returns a User object on success. A SecurityHandler must be implemented in a thread safe manner.

Version:

$Id: SecurityHandler.html 1304258 2012-03-23 10:09:27Z ilgrosso $

Method Summary

String	getId() Return a unique identifier for this security handler.
User	login(Map context) Try to authenticate the user.
void	logout(Map context, User user) This notifies the security-handler that a user logs out.

Method Detail

login

User login(Map context)
           throws Exception

Try to authenticate the user.

Parameters:

context - The context for the login operation.

Returns:

The user if the authentication is successful, null otherwise.

Throws:

Exception - If something goes wrong.

logout

void logout(Map context,
            User user)

This notifies the security-handler that a user logs out.

Parameters:

context - The context for the login operation.

user - The user object.

getId

String getId()

Return a unique identifier for this security handler. For session replication to work, a security handler must deliver the same identifier across systems!

Returns:

A unique identifier.