/*
* Copyright (C) 2005-2007 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.repo.security.authentication;
import java.util.Set;
/**
* Manage authentication tickets
*
* @author andyh
*
*/
public interface TicketComponent
{
/**
* Register a new ticket
*
* @param userName
* @return - the ticket
* @throws AuthenticationException
*/
public String getNewTicket(String userName) throws AuthenticationException;
/**
* Get the current ticket
*
* @param userName
* @return - the ticket
*/
public String getCurrentTicket(String userName);
/**
* Check that a certificate is valid and can be used in place of a login.
*
* Tickets may be rejected because:
* <ol>
* <li> The certificate does not exists
* <li> The status of the user has changed
* <ol>
* <li> The user is locked
* <li> The account has expired
* <li> The credentials have expired
* <li> The account is disabled
* </ol>
* <li> The ticket may have expired
* <ol>
* <li> The ticked my be invalid by timed expiry
* <li> An attemp to reuse a once only ticket
* </ol>
* </ol>
*
* @param ticket
* @return - the user name
* @throws AuthenticationException
*/
public String validateTicket(String ticket) throws AuthenticationException;
/**
* Invalidate the tickets by id
* @param ticket
*/
public void invalidateTicketById(String ticket);
/**
* Invalidate all user tickets
*
* @param userName
*/
public void invalidateTicketByUser(String userName);
/**
* Count tickets
*
* This may be higher than the user count, since a user can have more than one ticket/session
*
* @param nonExpiredOnly true for non expired tickets, false for all (including expired) tickets
* @return int number of tickets
*/
public int countTickets(boolean nonExpiredOnly);
/**
* Get set of users with tickets
*
* This may be lower than the ticket count, since a user can have more than one ticket/session
*
* @param nonExpiredOnly true for non expired tickets, false for all (including expired) tickets
* @return Set<String> set of users with (one or more) tickets
*/
public Set<String> getUsersWithTickets(boolean nonExpiredOnly);
/**
* Invalidate tickets
*
* @param expiredOnly true for EXPIRED tickets, false for ALL (including non-expired) tickets
* @return int count of invalidated tickets
*/
public int invalidateTickets(boolean expiredOnly);
/**
* Get the authority for the given ticket
*
* @param ticket
* @return the authority
*/
public String getAuthorityForTicket(String ticket);
/**
* Clear the current ticket
*
*/
public void clearCurrentTicket();
}