1 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package org.springframework.security.userdetails; 17 18 import org.springframework.security.Authentication; 19 import org.springframework.security.GrantedAuthority; 20 21 import java.io.Serializable; 22 23 24 /** 25 * Provides core user information. 26 * 27 * <p> 28 * Implementations are not used directly by Spring Security for security 29 * purposes. They simply store user information which is later encapsulated 30 * into {@link Authentication} objects. This allows non-security related user 31 * information (such as email addresses, telephone numbers etc) to be stored 32 * in a convenient location. 33 * </p> 34 * 35 * <p> 36 * Concrete implementations must take particular care to ensure the non-null 37 * contract detailed for each method is enforced. See 38 * {@link org.springframework.security.userdetails.User} for a 39 * reference implementation (which you might like to extend). 40 * </p> 41 * 42 * <p> 43 * Concrete implementations should be immutable (value object semantics, 44 * like a String). This is because the <code>UserDetails</code> will be 45 * stored in caches and as such multiple threads may use the same instance. 46 * </p> 47 * 48 * @author Ben Alex 49 * @version $Id: UserDetails.java 2735 2008-03-16 04:02:55Z benalex $ 50 */ 51 public interface UserDetails extends Serializable { 52 //~ Methods ======================================================================================================== 53 54 /** 55 * Returns the authorities granted to the user. Cannot return <code>null</code>. 56 * 57 * @return the authorities, sorted by natural key (never <code>null</code>) 58 */ 59 GrantedAuthority[] getAuthorities(); 60 61 /** 62 * Returns the password used to authenticate the user. Cannot return <code>null</code>. 63 * 64 * @return the password (never <code>null</code>) 65 */ 66 String getPassword(); 67 68 /** 69 * Returns the username used to authenticate the user. Cannot return <code>null</code>. 70 * 71 * @return the username (never <code>null</code>) 72 */ 73 String getUsername(); 74 75 /** 76 * Indicates whether the user's account has expired. An expired account cannot be authenticated. 77 * 78 * @return <code>true</code> if the user's account is valid (ie non-expired), <code>false</code> if no longer valid 79 * (ie expired) 80 */ 81 boolean isAccountNonExpired(); 82 83 /** 84 * Indicates whether the user is locked or unlocked. A locked user cannot be authenticated. 85 * 86 * @return <code>true</code> if the user is not locked, <code>false</code> otherwise 87 */ 88 boolean isAccountNonLocked(); 89 90 /** 91 * Indicates whether the user's credentials (password) has expired. Expired credentials prevent 92 * authentication. 93 * 94 * @return <code>true</code> if the user's credentials are valid (ie non-expired), <code>false</code> if no longer 95 * valid (ie expired) 96 */ 97 boolean isCredentialsNonExpired(); 98 99 /** 100 * Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated. 101 * 102 * @return <code>true</code> if the user is enabled, <code>false</code> otherwise 103 */ 104 boolean isEnabled(); 105 }