1 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 package org.springframework.security.userdetails;
17
18 import org.springframework.security.Authentication;
19 import org.springframework.security.GrantedAuthority;
20
21 import java.io.Serializable;
22
23
24 /**
25 * Provides core user information.
26 *
27 * <p>
28 * Implementations are not used directly by Spring Security for security
29 * purposes. They simply store user information which is later encapsulated
30 * into {@link Authentication} objects. This allows non-security related user
31 * information (such as email addresses, telephone numbers etc) to be stored
32 * in a convenient location.
33 * </p>
34 *
35 * <p>
36 * Concrete implementations must take particular care to ensure the non-null
37 * contract detailed for each method is enforced. See
38 * {@link org.springframework.security.userdetails.User} for a
39 * reference implementation (which you might like to extend).
40 * </p>
41 *
42 * <p>
43 * Concrete implementations should be immutable (value object semantics,
44 * like a String). This is because the <code>UserDetails</code> will be
45 * stored in caches and as such multiple threads may use the same instance.
46 * </p>
47 *
48 * @author Ben Alex
49 * @version $Id: UserDetails.java 2735 2008-03-16 04:02:55Z benalex $
50 */
51 public interface UserDetails extends Serializable {
52 //~ Methods ========================================================================================================
53
54 /**
55 * Returns the authorities granted to the user. Cannot return <code>null</code>.
56 *
57 * @return the authorities, sorted by natural key (never <code>null</code>)
58 */
59 GrantedAuthority[] getAuthorities();
60
61 /**
62 * Returns the password used to authenticate the user. Cannot return <code>null</code>.
63 *
64 * @return the password (never <code>null</code>)
65 */
66 String getPassword();
67
68 /**
69 * Returns the username used to authenticate the user. Cannot return <code>null</code>.
70 *
71 * @return the username (never <code>null</code>)
72 */
73 String getUsername();
74
75 /**
76 * Indicates whether the user's account has expired. An expired account cannot be authenticated.
77 *
78 * @return <code>true</code> if the user's account is valid (ie non-expired), <code>false</code> if no longer valid
79 * (ie expired)
80 */
81 boolean isAccountNonExpired();
82
83 /**
84 * Indicates whether the user is locked or unlocked. A locked user cannot be authenticated.
85 *
86 * @return <code>true</code> if the user is not locked, <code>false</code> otherwise
87 */
88 boolean isAccountNonLocked();
89
90 /**
91 * Indicates whether the user's credentials (password) has expired. Expired credentials prevent
92 * authentication.
93 *
94 * @return <code>true</code> if the user's credentials are valid (ie non-expired), <code>false</code> if no longer
95 * valid (ie expired)
96 */
97 boolean isCredentialsNonExpired();
98
99 /**
100 * Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated.
101 *
102 * @return <code>true</code> if the user is enabled, <code>false</code> otherwise
103 */
104 boolean isEnabled();
105 }