SessionAttributes.java

/*
 * Copyright 2001-2008 Geert Bevin <gbevin[remove] at uwyn dot com>
 * Licensed under the Apache License, Version 2.0 (the "License")
 * $Id: SessionAttributes.java 3918 2008-04-14 17:35:35Z gbevin $
 */
package com.uwyn.rife.authentication;

/**
 * This interface defines the methods that classes with
 * {@code SessionAttributes} functionalities have to implement.
 * <p>
 * A {@code SessionAttributes} class defines the context in which a session
 * is being validated. The presence and the value of certain attributes can
 * influence whether the access to a secured resource is authorized or
 * prohibited for a particular user.
 * <p>
 * For example, regular users have access to everything besides ithe
 * administration interface. Resources that are restricted to administrators can
 * for example have a {@code role} attribute that is set to
 * {@code admin}. A {@code SessionValidator} instance can detect the
 * presence of this attribute and act accordingly to verify if the user has the
 * authorities of the required role (in this case, administrator rights).
 *
 * @author Geert Bevin (gbevin[remove] at uwyn dot com)
 * @version $Revision: 3918 $
 * @see com.uwyn.rife.authentication.SessionValidator
 * @since 1.0
 */
public interface SessionAttributes
{
	/**
	 * Checks if a certain attribute is present.
	 *
	 * @param key  The key that identifies the attribute.
	 *
	 * @return {@code true} if the attribute was present; or
	 * <p>
	 * {@code false} otherwise.
	 *
	 * @see #getAttribute(String)
	 *
	 * @since 1.0
	 */
	public boolean hasAttribute(String key);

	/**
	 * Retrieves the value of a particular attribute.
	 *
	 * @param key  The key that identifies the attribute.
	 *
	 * @return A {@code String} instance with the value of the requested
	 * attribute; or
	 * <p>
	 * {@code null} if the attribute couldn't be found.
	 *
	 * @see #hasAttribute(String)
	 *
	 * @since 1.0
	 */
	public String getAttribute(String key);
}