Source code

001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.xml.xml2json;
029
030import org.opencms.configuration.CmsParameterConfiguration;
031import org.opencms.file.CmsObject;
032import org.opencms.main.CmsException;
033
034import javax.servlet.http.HttpServletRequest;
035
036/**
037 * Special authorization handler for APIs using stateless authorization.
038 *
039 * <p>This does *not* handle authorization for normal OpenCms users (editors and website users), but is meant for use in APIs implemented
040 * as request handlers or resource init handlers. Authorization is supposed to be stateless, i.e. authorization information is passed with every
041 * HTTP request.
042 */
043public interface I_CmsApiAuthorizationHandler {
044
045    /**
046     * Authenticates a user from a request and returns a CmsObject initialized with that user.
047     *
048     *  <p>If no user can be authenticated from the request, this method returns null.
049     *
050     * @param adminCms a CmsObject with root admin privileges
051     * @param request the request
052     * @return the CmsObject for the request
053     *
054     * @throws CmsException if something goes wrong
055     */
056    CmsObject initCmsObject(CmsObject adminCms, HttpServletRequest request) throws CmsException;
057
058    /**
059     * Sets the admin CmsObject used internally by this handler.
060     *
061     * @param cms the admin CmsObject to use
062     */
063    void initialize(CmsObject cms);
064
065    /**
066     * Sets the configuration parameters for this handler.
067     *
068     * @param params the configuration parameters
069     */
070    void setParameters(CmsParameterConfiguration params);
071
072}