/**\
** ============================================================================
**
** Copyright (c) 2004-2009 Tibco Software Inc. All Rights Reserved.
**
** This work is subject to U.S. and international copyright laws and treaties.
** No part of this work may be used, practiced, performed copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected,compiled, linked, recast, transformed or adapted without the prior written consent of Tibco Software Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
**
============================================================================
\**/
package com.tibco.mdm.directory.security.authentication;
import java.util.Map;
import com.tibco.mdm.infrastructure.error.MqException;
import com.tibco.mdm.infrastructure.profile.IMqSessionProfile;
/**
*
* An Interface that is used for pluggable Authentication/Authorization for
* TIBCO MDM.
*
*/
public interface ILoginModule {
public final static String DEFAULT_LOGIN_URL ="Login";
public final static String NEEDS_CHALLENGE="needChallenge";
public final static String DEFAULT_LOGIN_CLASS="com.tibco.mdm.directory.security.authentication.DefaultLoginModule";
public final static String TAM_AUTHENTICATION ="TAM";
public final static String RDBMS_AUTHENTICATION="Default";
public final static String SITE_MINDER_AUTHENTICATION="SM";
public final static String RDBMS_AUTHORIZATION="Default";
public final static String SINGLE_SIGNON_AUTHORIZATION="SingleSignOn";
/**
* This method authenticates and authorizes the user to access CIM
* application.
*
* Implement your login logic in this method
*
* @param userDetails a Map - All required parameter-value pairs
* for Authentication and Authorization, passed through this Map. if HTTP headers were extracted, the headers will be present in this map
*
* @return a new IMqSessionProfile User Profile with all details after login is successful
* retuns null if authentication/authorization fails.
*
* @throws MqException
*
*/
public IMqSessionProfile handleLogin(Map userDetails)throws MqException;
/** This method implements login management when used in web services.
*
* @param userDetails
* @return
* @throws MqException
*/
public IMqSessionProfile handleWebServiceLogin(Map userDetails)throws MqException;
/**
* This method returns the Url the user is directed on logout
*
* @param headerDetails a Map
*
* @return a String
*
*/
public String getLogoutUrl(Map headerDetails)throws MqException;
/**
* This method re isHeaderRequired
* Only if this method returns true, any HTTP headers in the URL are extracted
* You can use predefined ILoginModule.DEFAULT_LOGIN_URL if no special
* Logout URL is required.
*
* @return a boolean true if the special httpHeaders are to be extracted for
* authentication/authorization.
*/
public boolean isHeaderRequired();
/**
* This method onErrorRedirectURL should return the URL to used in case of errors.
* Typically this method can call getLogOutURL to return the URL to go to
*
* @return a String url the user is redirected on login Error.
*
*/
public String getErrorRedirectUrl()throws MqException;
/** getAuthenticationType
* This identifies the authentication type implemented by the login module
* Hardcode the value of authentication type - this method will be deprecated in future releases
* Following are reserved
* public final static String RDBMS_AUTHENTICATION="Default";
* public final static String SITE_MINDER_AUTHENTICATION="SM";
* @return a String
*/
public String getAuthenticationType();
/**
* Method getAuthorizationType
* Returns what type of authorization is this.
* @deprecated
* @return a String
*
*/
public String getAuthorizationType();
}