1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
/**
* $RCSfile$
* $Revision$
* $Date$
*
* Copyright (C) 2004 Jive Software. All rights reserved.
*
* This software is published under the terms of the GNU Public License (GPL),
* a copy of which is included in this distribution.
*/
package org.jivesoftware.messenger.auth;
/**
* Provider interface for authentication. Users that wish to integrate with
* their own authentication system must implement this class and then register
* the implementation with Jive Messenger in the <tt>jive-messenger.xml</tt>
* file. An entry in that file would look like the following:
*
* <pre>
* <provider>
* <auth>
* <className>com.foo.auth.CustomAuthProvider</className>
* </auth>
* </provider></pre>
*
* @author Matt Tucker
*/
public interface AuthProvider {
/**
* Returns true if this AuthProvider supports authentication using plain-text
* passwords according to JEP--0078. Plain text authentication is not secure
* and should generally only be used for a TLS/SSL connection.
*
* @return true if plain text password authentication is supported by
* this AuthProvider.
*/
boolean isPlainSupported();
/**
* Returns true if this AuthProvider supports digest authentication
* according to JEP-0078.
*
* @return true if digest authentication is supported by this
* AuthProvider.
*/
boolean isDigestSupported();
/**
* Returns if the username and password are valid; otherwise this
* method throws an UnauthorizedException.<p>
*
* If {@link #isPlainSupported()} returns false, this method should
* throw an UnsupportedOperationException.
*
* @param username the username.
* @param password the passwordl
* @throws UnauthorizedException if the username and password do
* not match any existing user.
*/
void authenticate(String username, String password) throws UnauthorizedException;
/**
* Returns if the username, token, and digest are valid; otherwise this
* method throws an UnauthorizedException.<p>
*
* If {@link #isDigestSupported()} returns false, this method should
* throw an UnsupportedOperationException.
*
* @param username the username.
* @param token the token that was used with plain-text password to
* generate the digest.
* @param digest the digest generated from plain-text password and unique token.
* @throws UnauthorizedException if the username and password
* do not match any existing user.
*/
void authenticate(String username, String token, String digest)
throws UnauthorizedException;
}