Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.10.1 / shiro-core / xref / org / apache / shiro / authc / pam / AuthenticationStrategy.html
blob: 593173bf24ed5749370570cd9584be1ad50cae03 [file] [log] [blame]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>AuthenticationStrategy xref</title>
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../../apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * Licensed to the Apache Software Foundation (ASF) under one</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> * or more contributor license agreements. See the NOTICE file</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * distributed with this work for additional information</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * regarding copyright ownership. The ASF licenses this file</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * to you under the Apache License, Version 2.0 (the</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> * "License"); you may not use this file except in compliance</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * with the License. You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2.0" target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.0</a></em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing,</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * software distributed under the License is distributed on an</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> * KIND, either express or implied. See the License for the</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * specific language governing permissions and limitations</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> * under the License.</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L19" href="#L19">19</a> <strong class="jxr_keyword">package</strong> org.apache.shiro.authc.pam;
<a class="jxr_linenumber" name="L20" href="#L20">20</a>
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> org.apache.shiro.authc.AuthenticationException;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> org.apache.shiro.authc.AuthenticationInfo;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> org.apache.shiro.authc.AuthenticationToken;
<a class="jxr_linenumber" name="L24" href="#L24">24</a> <strong class="jxr_keyword">import</strong> org.apache.shiro.realm.Realm;
<a class="jxr_linenumber" name="L25" href="#L25">25</a>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <strong class="jxr_keyword">import</strong> java.util.Collection;
<a class="jxr_linenumber" name="L27" href="#L27">27</a>
<a class="jxr_linenumber" name="L28" href="#L28">28</a>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <em class="jxr_javadoccomment"> * A {@code AuthenticationStrategy} implementation assists the {@link ModularRealmAuthenticator} during the</em>
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment"> * log-in process in a pluggable realm (PAM) environment.</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> * &lt;p&gt;The {@code ModularRealmAuthenticator} will consult implementations of this interface on what to do during each</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> * interaction with the configured Realms. This allows a pluggable strategy of whether or not an authentication</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment"> * attempt must be successful for all realms, only 1 or more realms, no realms, etc.</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment"> * @see AllSuccessfulStrategy</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <em class="jxr_javadoccomment"> * @see AtLeastOneSuccessfulStrategy</em>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <em class="jxr_javadoccomment"> * @see FirstSuccessfulStrategy</em>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <em class="jxr_javadoccomment"> * @since 0.2</em>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">interface</strong> <a name="AuthenticationStrategy" href="../../../../../org/apache/shiro/authc/pam/AuthenticationStrategy.html#AuthenticationStrategy">AuthenticationStrategy</a> {
<a class="jxr_linenumber" name="L43" href="#L43">43</a>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> * Method invoked by the ModularAuthenticator signifying that the authentication process is about to begin for the</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment"> * specified {@code token} - called before any {@code Realm} is actually invoked.</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * &lt;p&gt;The {@code AuthenticationInfo} object returned from this method is essentially an empty place holder for</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> * aggregating account data across multiple realms. It should be populated by the strategy implementation over the</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> <em class="jxr_javadoccomment"> * course of authentication attempts across the multiple realms. It will be passed into the</em>
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <em class="jxr_javadoccomment"> * {@link #beforeAttempt} calls, allowing inspection of the aggregated account data up to that point in the</em>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <em class="jxr_javadoccomment"> * multi-realm authentication, allowing any logic to be executed accordingly.</em>
<a class="jxr_linenumber" name="L53" href="#L53">53</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <em class="jxr_javadoccomment"> * @param realms the Realms that will be consulted during the authentication process for the specified token.</em>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_javadoccomment"> * @param token the Principal/Credential representation to be used during authentication for a corresponding subject.</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment"> * @return an empty AuthenticationInfo object that will populated with data from multiple realms.</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <em class="jxr_javadoccomment"> * @throws AuthenticationException if the strategy implementation does not wish the Authentication attempt to execute.</em>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> beforeAllAttempts(Collection&lt;? <strong class="jxr_keyword">extends</strong> Realm&gt; realms, <a name="AuthenticationToken" href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#AuthenticationToken">AuthenticationToken</a> token) <strong class="jxr_keyword">throws</strong> AuthenticationException;
<a class="jxr_linenumber" name="L60" href="#L60">60</a>
<a class="jxr_linenumber" name="L61" href="#L61">61</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <em class="jxr_javadoccomment"> * Method invoked by the ModularAuthenticator just prior to the realm being consulted for account data,</em>
<a class="jxr_linenumber" name="L63" href="#L63">63</a> <em class="jxr_javadoccomment"> * allowing pre-authentication-attempt logic for that realm only.</em>
<a class="jxr_linenumber" name="L64" href="#L64">64</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <em class="jxr_javadoccomment"> * &lt;p&gt;This method returns an {@code AuthenticationInfo} object that will be used for further interaction with realms. Most</em>
<a class="jxr_linenumber" name="L66" href="#L66">66</a> <em class="jxr_javadoccomment"> * implementations will merely return the {@code aggregate} method argument if they don't have a need to</em>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <em class="jxr_javadoccomment"> * manipulate it.</em>
<a class="jxr_linenumber" name="L68" href="#L68">68</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <em class="jxr_javadoccomment"> * @param realm the realm that will be consulted for {@code AuthenticationInfo} for the specified {@code token}.</em>
<a class="jxr_linenumber" name="L70" href="#L70">70</a> <em class="jxr_javadoccomment"> * @param token the {@code AuthenticationToken} submitted for the subject attempting system log-in.</em>
<a class="jxr_linenumber" name="L71" href="#L71">71</a> <em class="jxr_javadoccomment"> * @param aggregate the aggregated AuthenticationInfo object being used across the multi-realm authentication attempt</em>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <em class="jxr_javadoccomment"> * @return the AuthenticationInfo object that will be presented to further realms in the authentication process - returning</em>
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <em class="jxr_javadoccomment"> * the {@code aggregate} method argument is the normal case if no special action needs to be taken.</em>
<a class="jxr_linenumber" name="L74" href="#L74">74</a> <em class="jxr_javadoccomment"> * @throws org.apache.shiro.authc.AuthenticationException</em>
<a class="jxr_linenumber" name="L75" href="#L75">75</a> <em class="jxr_javadoccomment"> * an exception thrown by the Strategy implementation if it wishes the login</em>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <em class="jxr_javadoccomment"> * process for the associated subject (user) to stop immediately.</em>
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L78" href="#L78">78</a> <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> beforeAttempt(<a name="Realm" href="../../../../../org/apache/shiro/realm/Realm.html#Realm">Realm</a> realm, <a name="AuthenticationToken" href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#AuthenticationToken">AuthenticationToken</a> token, <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> aggregate) <strong class="jxr_keyword">throws</strong> AuthenticationException;
<a class="jxr_linenumber" name="L79" href="#L79">79</a>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L81" href="#L81">81</a> <em class="jxr_javadoccomment"> * Method invoked by the ModularAuthenticator just after the given realm has been consulted for authentication,</em>
<a class="jxr_linenumber" name="L82" href="#L82">82</a> <em class="jxr_javadoccomment"> * allowing post-authentication-attempt logic for that realm only.</em>
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L84" href="#L84">84</a> <em class="jxr_javadoccomment"> * &lt;p&gt;This method returns an {@code AuthenticationInfo} object that will be used for further interaction with realms. Most</em>
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <em class="jxr_javadoccomment"> * implementations will merge the {@code singleRealmInfo} into the {@code aggregateInfo} and</em>
<a class="jxr_linenumber" name="L86" href="#L86">86</a> <em class="jxr_javadoccomment"> * just return the {@code aggregateInfo} for continued use throughout the authentication process.&lt;/p&gt;</em>
<a class="jxr_linenumber" name="L87" href="#L87">87</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L88" href="#L88">88</a> <em class="jxr_javadoccomment"> * @param realm the realm that was just consulted for {@code AuthenticationInfo} for the given {@code token}.</em>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <em class="jxr_javadoccomment"> * @param token the {@code AuthenticationToken} submitted for the subject attempting system log-in.</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> <em class="jxr_javadoccomment"> * @param singleRealmInfo the info returned from a single realm.</em>
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <em class="jxr_javadoccomment"> * @param aggregateInfo the aggregate info representing all realms in a multi-realm environment.</em>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <em class="jxr_javadoccomment"> * @param t the Throwable thrown by the Realm during the attempt, or {@code null} if the method returned normally.</em>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <em class="jxr_javadoccomment"> * @return the AuthenticationInfo object that will be presented to further realms in the authentication process - returning</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <em class="jxr_javadoccomment"> * the {@code aggregateAccount} method argument is the normal case if no special action needs to be taken.</em>
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <em class="jxr_javadoccomment"> * @throws AuthenticationException an exception thrown by the Strategy implementation if it wishes the login process</em>
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <em class="jxr_javadoccomment"> * for the associated subject (user) to stop immediately.</em>
<a class="jxr_linenumber" name="L97" href="#L97">97</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L98" href="#L98">98</a> <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> afterAttempt(<a name="Realm" href="../../../../../org/apache/shiro/realm/Realm.html#Realm">Realm</a> realm, <a name="AuthenticationToken" href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#AuthenticationToken">AuthenticationToken</a> token, <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> singleRealmInfo, <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> aggregateInfo, Throwable t)
<a class="jxr_linenumber" name="L99" href="#L99">99</a> <strong class="jxr_keyword">throws</strong> AuthenticationException;
<a class="jxr_linenumber" name="L100" href="#L100">100</a>
<a class="jxr_linenumber" name="L101" href="#L101">101</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L102" href="#L102">102</a> <em class="jxr_javadoccomment"> * Method invoked by the ModularAuthenticator signifying that all of its configured Realms have been consulted</em>
<a class="jxr_linenumber" name="L103" href="#L103">103</a> <em class="jxr_javadoccomment"> * for account data, allowing post-processing after all realms have completed.</em>
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L105" href="#L105">105</a> <em class="jxr_javadoccomment"> * &lt;p&gt;Returns the final AuthenticationInfo object that will be returned from the Authenticator to the authenticate() caller.</em>
<a class="jxr_linenumber" name="L106" href="#L106">106</a> <em class="jxr_javadoccomment"> * This is most likely the aggregate AuthenticationInfo object that has been populated by many realms, but the actual return value is</em>
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <em class="jxr_javadoccomment"> * always up to the implementation.</em>
<a class="jxr_linenumber" name="L108" href="#L108">108</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_javadoccomment"> * @param token the {@code AuthenticationToken} submitted for the subject attempting system log-in.</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <em class="jxr_javadoccomment"> * @param aggregate the aggregate {@code AuthenticationInfo} instance populated by all realms during the log-in attempt.</em>
<a class="jxr_linenumber" name="L111" href="#L111">111</a> <em class="jxr_javadoccomment"> * @return the final {@code AuthenticationInfo} object to return to the Authenticator.authenticate() caller.</em>
<a class="jxr_linenumber" name="L112" href="#L112">112</a> <em class="jxr_javadoccomment"> * @throws AuthenticationException if the Strategy implementation wishes to fail the authentication attempt.</em>
<a class="jxr_linenumber" name="L113" href="#L113">113</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L114" href="#L114">114</a> <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> afterAllAttempts(<a name="AuthenticationToken" href="../../../../../org/apache/shiro/authc/AuthenticationToken.html#AuthenticationToken">AuthenticationToken</a> token, <a name="AuthenticationInfo" href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html#AuthenticationInfo">AuthenticationInfo</a> aggregate) <strong class="jxr_keyword">throws</strong> AuthenticationException;
<a class="jxr_linenumber" name="L115" href="#L115">115</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2004&#x2013;2022 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</div>
</body>
</html>