001 /*
002 Licensed to the Apache Software Foundation (ASF) under one
003 or more contributor license agreements. See the NOTICE file
004 distributed with this work for additional information
005 regarding copyright ownership. The ASF licenses this file
006 to you under the Apache License, Version 2.0 (the
007 "License"); you may not use this file except in compliance
008 with the License. You may obtain a copy of the License at
009
010 http://www.apache.org/licenses/LICENSE-2.0
011
012 Unless required by applicable law or agreed to in writing,
013 software distributed under the License is distributed on an
014 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 KIND, either express or implied. See the License for the
016 specific language governing permissions and limitations
017 under the License.
018 */
019 package org.apache.wiki.auth.authorize;
020
021 import java.security.Principal;
022
023 import javax.servlet.http.HttpServletRequest;
024
025 import org.apache.wiki.auth.Authorizer;
026
027 /**
028 * Extends the {@link org.apache.wiki.auth.Authorizer} interface by
029 * including a delgate method for
030 * {@link javax.servlet.http.HttpServletRequest#isUserInRole(String)}.
031 */
032 public interface WebAuthorizer extends Authorizer
033 {
034
035 /**
036 * Determines whether a user associated with an HTTP request possesses
037 * a particular role. This method simply delegates to
038 * {@link javax.servlet.http.HttpServletRequest#isUserInRole(String)}
039 * by converting the Principal's name to a String.
040 * @param request the HTTP request
041 * @param role the role to check
042 * @return <code>true</code> if the user is considered to be in the role,
043 * <code>false</code> otherwise
044 */
045 boolean isUserInRole( HttpServletRequest request, Principal role );
046
047 }