logoncontroller.java

这是linux下ssl vpn的实现程序

/*
 *  SSL-Explorer
 *
 *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
 *
 *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU General Public License
 *  as published by the Free Software Foundation; either version 2 of
 *  the License, or (at your option) any later version.
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public
 *  License along with this program; if not, write to the Free Software
 *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
			
package com.sslexplorer.security;

import java.net.UnknownHostException;
import java.util.List;
import java.util.Map;
import java.util.Properties;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.sslexplorer.boot.RequestHandlerRequest;
import com.sslexplorer.boot.RequestHandlerResponse;
import com.sslexplorer.policyframework.Principal;
import com.sslexplorer.properties.PropertyProfile;

/**
 * @author Brett Smith <brett@3sp.com>
 */
public interface LogonController {
    public final static int ACCOUNT_UNKNOWN = -1;
    public final static int ACCOUNT_GRANTED = 0;
    public final static int ACCOUNT_DISABLED = 1;
    public final static int ACCOUNT_LOCKED = 2;
    public final static int ACCOUNT_REVOKED = 3;
    public final static int ACCOUNT_ACTIVE = 4;
    public final static int NOT_LOGGED_ON = 0;
    public final static int LOGGED_ON = 1;
    public final static int INVALID_TICKET  = 2;

    /**
     * Initialize the controller with the user and system databases.
     *
     * @param udb
     * @param sdb
     */
    public abstract void init();

    public abstract boolean isAdministrator(User principal);

    public abstract int addSessionTimeoutBlock(HttpSession session, String reason);

    public abstract void removeSessionTimeoutBlock(HttpSession session, int sessionTimeoutBlockId);

    public abstract void logoffSession(HttpServletRequest request, HttpServletResponse response) throws InvalidTicketException;

    public abstract List getSessionInfo(String username, int sessionType);

    public abstract SessionInfo getSessionInfo(String logonTicket);

    public abstract int getUserStatus(String username) throws Exception;

    public abstract String logonClient(HttpServletRequest request, HttpServletResponse response, String username, String password,
                    Properties properties) throws InvalidTicketException, UserDatabaseException, InvalidLoginCredentialsException,
                    AccountLockedException, UnknownHostException;
    public User doClientLogon(String username, String password) throws UserDatabaseException, InvalidLoginCredentialsException, AccountLockedException;

    public abstract void initialiseSession(HttpSession session, User user, boolean requiresProfile) throws UserDatabaseException;

    public abstract void resetSessionTimeout(User user, PropertyProfile profile, HttpSession session);

    public abstract AccountLock checkForAccountLock(String username) throws AuthenticationException, AccountLockedException;

    public abstract void logonFailed(String username, AccountLock lock) throws AuthenticationException, AccountLockedException;

    public abstract void removeVPNClient(VPNSession session);

    public abstract void logoff(String ticket);

    public abstract VPNSession getPrimaryVPNSession(List vpnSessions);

    public abstract String setupVPNSession(HttpServletRequest request, SessionInfo sessionInfo)
                    throws InvalidTicketException;

    public abstract VPNSession getVPNSessionByTicket(String ticket);

    public abstract List getVPNSessionsByLogon(HttpServletRequest request);

    public abstract List getVPNSessionsByLogon(String ticket);

    public abstract VPNSession getPendingVPNSession(HttpServletRequest request);

    public abstract VPNSession getPendingVPNSession(String ticket);

    public abstract Map getActiveSessions();

    public abstract void deregisterVPNClient(VPNSession vpnSession) throws IllegalStateException;

    public abstract String registerVPNClient(HttpServletRequest request, String authorizationTicket, int clientPort,
                    Properties properties, int type) throws InvalidTicketException;

    public abstract boolean waitForClientRegistration(String ticket, int timeout);

    public abstract User getUser(HttpSession session, String logonTicket) throws InvalidTicketException;

    public abstract User getUser(HttpServletRequest request) throws InvalidTicketException;

    public abstract User getUser(HttpServletRequest request, String logonTicket) throws InvalidTicketException;

    public abstract int hasClientLoggedOn(HttpServletRequest request, HttpServletResponse response)
                    throws InvalidTicketException;

    public abstract VPNSession getVPNSession(HttpServletRequest request);

    public abstract boolean verifyPendingVPNAuthorization(String ticket);

    public abstract boolean verifyPendingVPNAuthorization(HttpServletRequest request);


    public abstract void unlockUser(String username);

    public abstract void waitForFirstClientHearbeat(HttpServletRequest request) throws Exception;

    /**
     * @param request
     * @param response
     * @param authSession
     */
    public abstract void logon(HttpServletRequest request, HttpServletResponse response, AuthenticationScheme authSession)
                    throws Exception;

    /**
     * @param scheme
     * @return
     */
    public abstract char[] getPasswordFromCredentials(AuthenticationScheme scheme);

    /**
     * @param session
     * @return
     */
    public abstract boolean isVPNSessionValid(VPNSession session);

    /**
     * @param request
     * @return
     */
    public abstract SessionInfo getSessionInfo(HttpServletRequest request) ;
    
    public abstract SessionInfo getSessionInfo(HttpSession session) ;


    public abstract SessionInfo getSessionInfoBySessionId(String sessionId);

    public void addCookies(RequestHandlerRequest request,
			RequestHandlerResponse response, String logonTicket, User user);

    public void addSession(String logonTicket, SessionInfo info, HttpServletRequest request, HttpServletResponse response, User user);

    public abstract String checkLogonAllowed(String username);
    
    public void attachSession(String sessionId, SessionInfo session);
    
    public void registerAuthorizationTicket(String ticket, SessionInfo session);
    
    public SessionInfo removeAuthorizationTicket(String ticket);
    
    public SessionInfo getAuthorizationTicket(String ticket);
}