authorization.java

Jive 是一个系统工程

/**
 * $RCSfile: Authorization.java,v $
 * $Revision: 1.2 $
 * $Date: 2000/12/21 17:46:53 $
 *
 * Copyright (C) 2000 CoolServlets.com. All rights reserved.
 *
 * ===================================================================
 * The Apache Software License, Version 1.1
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution,
 *    if any, must include the following acknowledgment:
 *       "This product includes software developed by
 *        CoolServlets.com (http://www.coolservlets.com)."
 *    Alternately, this acknowledgment may appear in the software itself,
 *    if and wherever such third-party acknowledgments normally appear.
 *
 * 4. The names "Jive" and "CoolServlets.com" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please
 *    contact webmaster@coolservlets.com.
 *
 * 5. Products derived from this software may not be called "Jive",
 *    nor may "Jive" appear in their name, without prior written
 *    permission of CoolServlets.com.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL COOLSERVLETS.COM OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of CoolServlets.com. For more information
 * on CoolServlets.com, please see <http://www.coolservlets.com>.
 */

package com.coolservlets.forum;

/**
 * Proves that a user has successfully logged in. The existence of an
 * Authorization object indicates that a person has logged in correctly
 * and has authentication to act as the user associated with the
 * authentication. An instance of this object can be obtained from an
 * AuthorizationFactory and must be passed in to to get an intstance of
 * ForumFactory.
 * <p>
 * In the case of using the core forum services through a web interface, the
 * expected behavior is to have a user login and then store the Authorization
 * object in their session.
 * <p>
 * (Note by Matt) It's my opinion that this authorization method needs better
 * security. At the moment, this method is certainly ok if forum skins
 * can be trusted. However, the security goal has always been to protect as
 * much as possible against malicious skins. Therefore, the implementation of
 * this class will be changed in the near future to use signed objects. Some
 * thought will have to be given to a public/private key management system, so
 * I'm going to delay implementing it for now. This means -- be sure you can
 * trust your skins!!
 *
 * @see AuthorizationFactory
 * @see ForumFactory
 */
public interface Authorization {

    /**
     * Returns the userID associated with this Authorization.
     */
    public int getUserID();

}