1 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package org.springframework.security; 17 18 /** 19 * Evaluates <code>Authentication</code> tokens 20 * 21 * @author Ben Alex 22 * @version $Id: AuthenticationTrustResolver.java 2217 2007-10-27 00:45:30Z luke_t $ 23 */ 24 public interface AuthenticationTrustResolver { 25 //~ Methods ======================================================================================================== 26 27 /** 28 * Indicates whether the passed <code>Authentication</code> token represents an anonymous user. Typically 29 * the framework will call this method if it is trying to decide whether an <code>AccessDeniedException</code> 30 * should result in a final rejection (ie as would be the case if the principal was non-anonymous/fully 31 * authenticated) or direct the principal to attempt actual authentication (ie as would be the case if the 32 * <code>Authentication</code> was merely anonymous). 33 * 34 * @param authentication to test (may be <code>null</code> in which case the method will always return 35 * <code>false</code>) 36 * 37 * @return <code>true</code> the passed authentication token represented an anonymous principal, <code>false</code> 38 * otherwise 39 */ 40 boolean isAnonymous(Authentication authentication); 41 42 /** 43 * Indicates whether the passed <code>Authentication</code> token represents user that has been remembered 44 * (ie not a user that has been fully authenticated).<p><b>No part of the framework uses this method</b>, 45 * as it is a weak definition of trust levels. The method is provided simply to assist with custom 46 * <code>AccessDecisionVoter</code>s and the like that you might develop. Of course, you don't need to use this 47 * method either and can develop your own "trust level" hierarchy instead.</p> 48 * 49 * @param authentication to test (may be <code>null</code> in which case the method will always return 50 * <code>false</code>) 51 * 52 * @return <code>true</code> the passed authentication token represented a principal authenticated using a 53 * remember-me token, <code>false</code> otherwise 54 */ 55 boolean isRememberMe(Authentication authentication); 56 }