Coverage Report

Coverage Report - org.acegisecurity.AuthenticationManager

Classes in this File

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.acegisecurity;
 
 /**
  * Processes an {@link Authentication} request.
  *
  * @author Ben Alex
  * @version $Id: AuthenticationManager.java 1784 2007-02-24 21:00:24Z luke_t $
  */
 public interface AuthenticationManager {
     //~ Methods ========================================================================================================
 
     /**
      * Attempts to authenticate the passed {@link Authentication} object, returning a fully populated
      * <code>Authentication</code> object (including granted authorities) if successful.<p>An
      * <code>AuthenticationManager</code> must honour the following contract concerning exceptions:</p>
      *  <p>A {@link DisabledException} must be thrown if an account is disabled and the
      * <code>AuthenticationManager</code> can test for this state.</p>
      *  <p>A {@link LockedException} must be thrown if an account is locked and the
      * <code>AuthenticationManager</code> can test for account locking.</p>
      *  <p>A {@link BadCredentialsException} must be thrown if incorrect credentials are presented. Whilst the
      * above exceptions are optional, an <code>AuthenticationManager</code> must <B>always</B> test credentials.</p>
      *  <p>Exceptions should be tested for and if applicable thrown in the order expressed above (ie if an
      * account is disabled or locked, the authentication request is immediately rejected and the credentials testing
      * process is not performed). This prevents credentials being tested against  disabled or locked accounts.</p>
      *
      * @param authentication the authentication request object
      *
      * @return a fully authenticated object including credentials
      *
      * @throws AuthenticationException if authentication fails
      */
     Authentication authenticate(Authentication authentication)
         throws AuthenticationException;
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity;
17
18		/**
19		* Processes an {@link Authentication} request.
20		*
21		* @author Ben Alex
22		* @version $Id: AuthenticationManager.java 1784 2007-02-24 21:00:24Z luke_t $
23		*/
24		public interface AuthenticationManager {
25		//~ Methods ========================================================================================================
26
27		/**
28		* Attempts to authenticate the passed {@link Authentication} object, returning a fully populated
29		* <code>Authentication</code> object (including granted authorities) if successful.<p>An
30		* <code>AuthenticationManager</code> must honour the following contract concerning exceptions:</p>
31		* <p>A {@link DisabledException} must be thrown if an account is disabled and the
32		* <code>AuthenticationManager</code> can test for this state.</p>
33		* <p>A {@link LockedException} must be thrown if an account is locked and the
34		* <code>AuthenticationManager</code> can test for account locking.</p>
35		* <p>A {@link BadCredentialsException} must be thrown if incorrect credentials are presented. Whilst the
36		* above exceptions are optional, an <code>AuthenticationManager</code> must <B>always</B> test credentials.</p>
37		* <p>Exceptions should be tested for and if applicable thrown in the order expressed above (ie if an
38		* account is disabled or locked, the authentication request is immediately rejected and the credentials testing
39		* process is not performed). This prevents credentials being tested against disabled or locked accounts.</p>
40		*
41		* @param authentication the authentication request object
42		*
43		* @return a fully authenticated object including credentials
44		*
45		* @throws AuthenticationException if authentication fails
46		*/
47		Authentication authenticate(Authentication authentication)
48		throws AuthenticationException;
49		}