1 package org.modeshape.graph; 2 3 import net.jcip.annotations.NotThreadSafe; 4 5 /** 6 * A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the 7 * user name and roles. 8 * <p> 9 * A security context should only be associated with the execution context <b>after</b> authentication has occurred. 10 * </p> 11 */ 12 @NotThreadSafe 13 public interface SecurityContext { 14 15 /** 16 * Returns the authenticated user's name 17 * 18 * @return the authenticated user's name 19 */ 20 String getUserName(); 21 22 /** 23 * Returns whether the authenticated user has the given role. 24 * 25 * @param roleName the name of the role to check 26 * @return true if the user has the role and is logged in; false otherwise 27 */ 28 boolean hasRole( String roleName ); 29 30 /** 31 * Logs the user out of the authentication mechanism. 32 * <p> 33 * For some authentication mechanisms, this will be implemented as a no-op. 34 * </p> 35 */ 36 void logout(); 37 38 }