001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.security;
018
019import java.security.cert.X509Certificate;
020
021/**
022 * Base for all broker plugins that wish to provide connection authentication services
023 */
024public interface AuthenticationBroker {
025
026    /**
027     * Authenticate the given user using the mechanism provided by this service.
028     *
029     * @param username
030     *        the given user name to authenticate, null indicates an anonymous user.
031     * @param password
032     *        the given password for the user to authenticate.
033     * @param peerCertificates
034     *        for an SSL channel the certificates from remote peer.
035     *
036     * @return a new SecurityContext for the authenticated user.
037     *
038     * @throws SecurityException if the user cannot be authenticated.
039     */
040    SecurityContext authenticate(String username, String password, X509Certificate[] peerCertificates) throws SecurityException;
041
042}