All Implemented Interfaces:
org.springframework.beans.factory.Aware
,
org.springframework.beans.factory.InitializingBean
,
org.springframework.context.MessageSourceAware
,
org.springframework.security.authentication.AuthenticationProvider
Direct Known Subclasses:
AbstractAcceleratorAuthenticationProvider
,
BackofficeAuthenticationProvider
,
CockpitAuthenticationProvider
,
PunchOutCoreAuthenticationProvider
public class CoreAuthenticationProvider
extends java.lang.Object
implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
A base
AuthenticationProvider
which is designed to respond to
UsernamePasswordAuthenticationToken
and
RememberMeAuthenticationToken
authentication requests.
Upon successful validation, a
UsernamePasswordAuthenticationToken
or
RememberMeAuthenticationToken
will be created and returned to the caller. The token will include as its
principal either a
String
representation of the username, or the
CoreUserDetails
that was
returned from the authentication repository. Using
String
is appropriate if a container adapter is being
used, as it expects
String
representations of the username. Using
CoreUserDetails
is
appropriate if you require access to additional properties of the authenticated user, such as email addresses,
human-friendly names etc. As container adapters are not recommended to be used, and
CoreUserDetails
implementations provide additional flexibility, by default a
CoreUserDetails
is returned.
protected void
additionalAuthenticationChecks
(org.springframework.security.core.userdetails.UserDetails details,
org.springframework.security.authentication.AbstractAuthenticationToken authentication)
afterPropertiesSet
()
org.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication)
protected org.springframework.security.core.Authentication
createSuccessAuthentication
(org.springframework.security.core.Authentication authentication,
org.springframework.security.core.userdetails.UserDetails user)
Creates a successful
Authentication
object.
org.springframework.security.core.userdetails.UserDetailsChecker
getPreAuthenticationChecks
()
org.springframework.security.core.userdetails.UserDetailsService
getUserDetailsService
()
protected org.springframework.security.core.userdetails.UserDetails
retrieveUser
(java.lang.String username)
setMessageSource
(org.springframework.context.MessageSource messageSource)
setPreAuthenticationChecks
(org.springframework.security.core.userdetails.UserDetailsChecker preAuthenticationChecks)
setUserDetailsService
(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
boolean
supports
(java.lang.Class authentication)
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource)
Specified by:
setMessageSource
in interface
org.springframework.context.MessageSourceAware
Specified by:
afterPropertiesSet
in interface
org.springframework.beans.factory.InitializingBean
Throws:
java.lang.Exception
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
throws org.springframework.security.core.AuthenticationException
Specified by:
authenticate
in interface
org.springframework.security.authentication.AuthenticationProvider
Throws:
org.springframework.security.core.AuthenticationException
additionalAuthenticationChecks
protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails details,
org.springframework.security.authentication.AbstractAuthenticationToken authentication)
throws org.springframework.security.core.AuthenticationException
Throws:
org.springframework.security.core.AuthenticationException
retrieveUser
protected final org.springframework.security.core.userdetails.UserDetails retrieveUser(java.lang.String username)
throws org.springframework.security.core.AuthenticationException
Throws:
org.springframework.security.core.AuthenticationException
createSuccessAuthentication
protected org.springframework.security.core.Authentication createSuccessAuthentication(org.springframework.security.core.Authentication authentication,
org.springframework.security.core.userdetails.UserDetails user)
Creates a successful
Authentication
object.
Protected so subclasses can override.
Subclasses will usually store the original credentials the user supplied (not salted or encoded passwords) in the
returned
Authentication
object.
Parameters:
authentication
- that was presented to the provider for validation
user
- that was loaded by the implementation
Returns:
the successful authentication token
