Coverage Report

Coverage Report - org.acegisecurity.concurrent.ConcurrentSessionController

Classes in this File

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.acegisecurity.concurrent;
 
 import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationException;
 
 
 /**
  * Provides two methods that can be called by an {@link
  * org.acegisecurity.AuthenticationManager} to integrate with the
  * concurrent session handling infrastructure.
  *
  * @author Ben Alex
  * @version $Id: ConcurrentSessionController.java 1784 2007-02-24 21:00:24Z luke_t $
  */
 public interface ConcurrentSessionController {
     //~ Methods ========================================================================================================
 
     /**
      * Called by any class that wishes to know whether the current authentication request should be permitted.
      * Generally callers will be <code>AuthenticationManager</code>s before they authenticate, but could equally
      * include <code>Filter</code>s or other interceptors that wish to confirm the ongoing validity of a previously
      * authenticated <code>Authentication</code>.<p>The implementation should throw a suitable exception if the
      * user has exceeded their maximum allowed concurrent sessions.</p>
      *
      * @param request the authentication request (never <code>null</code>)
      *
      * @throws AuthenticationException if the user has exceeded their maximum allowed current sessions
      */
     void checkAuthenticationAllowed(Authentication request)
         throws AuthenticationException;
 
     /**
      * Called by an <code>AuthenticationManager</code> when the authentication was successful. An
      * implementation is expected to register the authenticated user in some sort of registry, for future concurrent
      * tracking via the {@link #checkAuthenticationAllowed(Authentication)} method.
      *
      * @param authentication the successfully authenticated user (never <code>null</code>)
      */
     void registerSuccessfulAuthentication(Authentication authentication);
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.concurrent;
17
18		import org.acegisecurity.Authentication;
19		import org.acegisecurity.AuthenticationException;
20
21
22		/**
23		* Provides two methods that can be called by an {@link
24		* org.acegisecurity.AuthenticationManager} to integrate with the
25		* concurrent session handling infrastructure.
26		*
27		* @author Ben Alex
28		* @version $Id: ConcurrentSessionController.java 1784 2007-02-24 21:00:24Z luke_t $
29		*/
30		public interface ConcurrentSessionController {
31		//~ Methods ========================================================================================================
32
33		/**
34		* Called by any class that wishes to know whether the current authentication request should be permitted.
35		* Generally callers will be <code>AuthenticationManager</code>s before they authenticate, but could equally
36		* include <code>Filter</code>s or other interceptors that wish to confirm the ongoing validity of a previously
37		* authenticated <code>Authentication</code>.<p>The implementation should throw a suitable exception if the
38		* user has exceeded their maximum allowed concurrent sessions.</p>
39		*
40		* @param request the authentication request (never <code>null</code>)
41		*
42		* @throws AuthenticationException if the user has exceeded their maximum allowed current sessions
43		*/
44		void checkAuthenticationAllowed(Authentication request)
45		throws AuthenticationException;
46
47		/**
48		* Called by an <code>AuthenticationManager</code> when the authentication was successful. An
49		* implementation is expected to register the authenticated user in some sort of registry, for future concurrent
50		* tracking via the {@link #checkAuthenticationAllowed(Authentication)} method.
51		*
52		* @param authentication the successfully authenticated user (never <code>null</code>)
53		*/
54		void registerSuccessfulAuthentication(Authentication authentication);
55		}