/* http-realm - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ package de.uhilger.httpserver.auth.realm; /** * A Realm is a "database" of usernames and passwords that identify valid * users of an application (or a set of applications), plus a list of roles * associated with each valid user. * * You can think of roles as similar to groups in Unix-like operating systems, * because access to specific web application resources is granted to all * users possessing a particular role (rather than enumerating the list of * associated usernames). A particular user can have any number of roles * associated with their username. * * @author Ulrich Hilger * @version 1, 22.05.2021 */ public interface Realm { /** * Uberpruefen, ob die Benutzerkennung und das Kennwort gueltig sind. * * @param userId der Benutzer * @param password das Kennwort des Benutzers * @return true, wenn die Angaben stimmen, false wenn nicht */ public boolean isValid(String userId, String password); /** * Pruefen, ob ein Benutzer eine Rolle hat * * @param userId der Benutzer * @param roleId die Kennung der Rolle * @return true, wenn der Benutzer die Rolle hat, false wenn nicht */ public boolean hasRole(String userId, String roleId); /** * Den Namen dieses Realms ermitteln * @return Name des Realms */ public String getName(); }