001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.wicket.authentication; 018 019import org.apache.wicket.Application; 020 021/** 022 * The interface of an authentication strategy which is accessible via 023 * {@link Application#getSecuritySettings()}. Implementations determine how logon data (username and 024 * password) are persisted (e.g. Cookie), retrieved and removed. 025 * 026 * @author Juergen Donnerstag 027 */ 028public interface IAuthenticationStrategy 029{ 030 /** 031 * If "rememberMe" is enabled, then load the saved credentials (e.g. username and password) from the persistence storage 032 * (e.g. Cookie) for automatic sign in. This is useful for applications which users typically 033 * have open the whole day but where the server invalidates the session after a timeout and you 034 * want to force the user to sign in again and again during the day. 035 * 036 * @return The {@link #save(String, String...) saved} credentials 037 */ 038 String[] load(); 039 040 /** 041 * If "rememberMe" is enabled and login was successful, then store the given credentials in the 042 * persistence store (e.g. Cookie). 043 * 044 * <p>The implementation of this method should be symmetrical with the implementation of 045 * {@link #load()}.</p> 046 * 047 * @param credential 048 * The credential to store. For example: a security token or username. 049 * @param extraCredentials 050 * Optional extra credentials. For example: a password 051 */ 052 void save(final String credential, final String... extraCredentials); 053 054 /** 055 * When the user logs out (session invalidation), then remove username and password from the 056 * persistence store 057 */ 058 void remove(); 059}