1 /* 2 * Copyright 2001-2004 The Apache Software Foundation. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.apache.axis.security; 18 19 import org.apache.axis.MessageContext; 20 21 /** The Axis security provider interface 22 * 23 * As Axis is designed for use in embedded environments, those 24 * environments will often contain their own security databases and 25 * potentially authentication managers. This interface allows Axis 26 * to obtain authentication information from an opaque source which 27 * will presumably be configured into the engine at startup time. 28 * 29 * @author Glen Daniels (gdaniels@apache.org) 30 */ 31 public interface SecurityProvider 32 { 33 /** Authenticate a user from a username/password pair. 34 * 35 * @param msgContext the MessageContext containing authentication info 36 * @return an AuthenticatedUser or null 37 */ 38 public AuthenticatedUser authenticate(MessageContext msgContext); 39 40 /** See if a user matches a principal name. The name might be a user 41 * or a group. 42 * 43 * @return true if the user matches the passed name 44 */ 45 public boolean userMatches(AuthenticatedUser user, String principal); 46 } 47