View Javadoc

1   /*
2    * Copyright 2007-2008 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.kuali.rice.kim.client.acegi;
18  
19  import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
20  import org.acegisecurity.userdetails.UserDetails;
21  import org.acegisecurity.userdetails.UserDetailsService;
22  import org.acegisecurity.userdetails.UsernameNotFoundException;
23  import org.springframework.dao.DataAccessException;
24  
25  
26  /**
27   * Defines an interface for implementations that wish to provide data 
28   * access services to the {@link DaoAuthenticationProvider}.
29   *
30   * <p>
31   * Kuali Requires CAS to provide the <code>Authentication Source</code> so
32   * a method is require to get user based on the <code>response</code> 
33   * object </p>
34   *  
35   * @author Kuali Rice Team (rice.collab@kuali.org)
36   *
37   */
38  public interface KualiUserDetailsService extends UserDetailsService {
39      //~ Methods ========================================================================================================
40  
41      /**
42       * Locates the user based on the response. In the actual implementation, the search may possibly be case
43       * insensitive, or case insensitive depending on how the implementaion instance is configured. In this case, the
44       * <code>UserDetails</code> object that comes back may have a username that is of a different case than what was
45       * actually requested.  Also populates the <code>Authentication Source</code> as a <code>GrantedAuthority</code>
46       *
47       * @param response the reponse from the TicketValidator presented to the {@link DaoAuthenticationProvider}
48       *
49       * @return a fully populated user record (never <code>null</code>)
50       *
51       * @throws UsernameNotFoundException if the user could not be found or the user has no GrantedAuthority
52       * @throws DataAccessException if user could not be found for a repository-specific reason
53       */
54      UserDetails loadUserByTicketResponse(KualiTicketResponse response)
55          throws UsernameNotFoundException, DataAccessException;
56  }