The four Java interfaces are the following:

1. RequestRecognizer: This component is responsible for recognizing and filling in HTTP requests that constitute login requests for websites. The set of SSO-enables websites is defined as the set of websites for which the RequestRecognizer component recognizes login requests. The RequestRecognizer component is active in step 1 of the figure (as it identifies a login request) and in step 3 (as it "fills in" the request such that it results in the user being logged into the website). A developer needs to implement this interface in order to extend the set of SSO-enabled websites.
2. ChallengeReponseManager: This component is responsible for creating challenges (which are issued in step 2.1 of the figure), checking whether a given Impostor username is valid, and checking whether or not the response to a given challenge is valid (step 2.2). A developer needs to implement this interface in order to make Impostor use a particular challenge/response mechanism.
3. UserManager: This component provides the mapping between the username of any given Impostor user and his/her website-specific authentication credentials (which are typically username/password pairs). The UserManager component is active in step 3 of the figure, as it is used to acquire the user's website-specific authentication credentials. In other words, this component implements Impostor's credential database. A developer can make Impostor use the credential database of his/her choice by implementing this interface.
4. ContentFilter: This component provides the service of content filtering in step 4 of the figure. It is supposed to look for sensitive information that should not be sent to the user's machine and (optionally) replace it with other data. In order to change Impostor's content filtering bahavior, a developer needs to implement this interface.

For exact definitions you can also have a look at the Java API.