Source code

001/**
002 * Copyright 2005-2016 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kim.client.acegi;
017
018import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
019import org.acegisecurity.userdetails.UserDetails;
020import org.acegisecurity.userdetails.UserDetailsService;
021import org.acegisecurity.userdetails.UsernameNotFoundException;
022import org.springframework.dao.DataAccessException;
023
024
025/**
026 * Defines an interface for implementations that wish to provide data 
027 * access services to the {@link DaoAuthenticationProvider}.
028 *
029 * <p>
030 * Kuali Requires CAS to provide the <code>Authentication Source</code> so
031 * a method is require to get user based on the <code>response</code> 
032 * object </p>
033 *  
034 * @author Kuali Rice Team (rice.collab@kuali.org)
035 *
036 */
037public interface KualiUserDetailsService extends UserDetailsService {
038    //~ Methods ========================================================================================================
039
040    /**
041     * Locates the user based on the response. In the actual implementation, the search may possibly be case
042     * insensitive, or case insensitive depending on how the implementaion instance is configured. In this case, the
043     * <code>UserDetails</code> object that comes back may have a username that is of a different case than what was
044     * actually requested.  Also populates the <code>Authentication Source</code> as a <code>GrantedAuthority</code>
045     *
046     * @param response the reponse from the TicketValidator presented to the {@link DaoAuthenticationProvider}
047     *
048     * @return a fully populated user record (never <code>null</code>)
049     *
050     * @throws UsernameNotFoundException if the user could not be found or the user has no GrantedAuthority
051     * @throws DataAccessException if user could not be found for a repository-specific reason
052     */
053    UserDetails loadUserByTicketResponse(KualiTicketResponse response)
054        throws UsernameNotFoundException, DataAccessException;
055}