Skip to main content
summaryrefslogtreecommitdiffstats
path: root/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/IAuthenticator2.java
blob: fe8cc7031e8bf4412270d94ca1e3111fb6525313 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

/*
 * Copyright (c) 2013 Eike Stepper (Berlin, Germany) and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 * 
 * Contributors:
 *    Christian W. Damus (CEA LIST) - initial API and implementation
 */
package org.eclipse.net4j.util.security;

/**
 * Extension interface for authenticators that can update user credentials in addition to authenticating them.
 * 
 * @since 3.4
 */
public interface IAuthenticator2 extends IAuthenticator
{

  /**
   * Updates the password <em>stored</em> for the user identified by {@code userID}.  The {@code oldPassword} is authenticated
   * {@linkplain IAuthenticator#authenticate(String, char[]) as per usual} and is replaced by the {@code newPassword} only
   * (and atomically) on success.
   * 
   * @param userID the ID of the user whose password is to be updated
   * @param oldPassword the user's current password attempt to verify against the <em>stored</em> password
   * @param newPassword the new password to replace the {@code oldPassword}
   * 
   * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword}
   */
  void updatePassword(String userID, char[] oldPassword, char[] newPassword);

  /**
   * Performs an administrative resets of the password <em>stored</em> for the user identified by {@code userID}.
   * The {@code adminID} and {@code adminPassword} must {@linkplain IAuthenticator#authenticate(String, char[]) authenticate}
   * to permit the {@code userID}'s password to be set to the {@code newPassword}.
   * 
   * @param adminID the ID of the administrator requesting the reset
   * @param adminPassword the administrator's password
   * @param userID the ID of the user whose password is to be reset
   * @param newPassword the new password to replace the user's old password
   * 
   * @throws SecurityException on any failure to authenticate the {@code oldPassword} or validate and/or set the {@code newPassword}
   */
  void resetPassword(String adminID, char[] adminPassword, String userID, char[] newPassword);
}

Back to the top