org.springframework.security.web.authentication.preauth
Class PreAuthenticatedAuthenticationProvider

java.lang.Object
  extended by org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
All Implemented Interfaces:
InitializingBean, Ordered, AuthenticationProvider

public class PreAuthenticatedAuthenticationProvider
extends Object
implements AuthenticationProvider, InitializingBean, Ordered

Processes a pre-authenticated authentication request. The request will typically originate from a AbstractPreAuthenticatedProcessingFilter subclass.

This authentication provider will not perform any checks on authentication requests, as they should already be pre-authenticated. However, the AuthenticationUserDetailsService implementation may still throw a UsernameNotFoundException, for example.

Since:
2.0

Field Summary
 
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
 
Constructor Summary
PreAuthenticatedAuthenticationProvider()
           
 
Method Summary
 void afterPropertiesSet()
          Check whether all required properties have been set.
 Authentication authenticate(Authentication authentication)
          Authenticate the given PreAuthenticatedAuthenticationToken.
 int getOrder()
           
 void setOrder(int i)
           
 void setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService aPreAuthenticatedUserDetailsService)
          Set the AuthenticatedUserDetailsServices to be used.
 void setThrowExceptionWhenTokenRejected(boolean throwExceptionWhenTokenRejected)
          If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials).
 void setUserDetailsChecker(UserDetailsChecker userDetailsChecker)
          Sets the strategy which will be used to validate the loaded UserDetails object for the user.
 boolean supports(Class<? extends Object> authentication)
          Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PreAuthenticatedAuthenticationProvider

public PreAuthenticatedAuthenticationProvider()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
Check whether all required properties have been set.

Specified by:
afterPropertiesSet in interface InitializingBean

authenticate

public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException
Authenticate the given PreAuthenticatedAuthenticationToken.

If the principal contained in the authentication object is null, the request will be ignored to allow other providers to authenticate it.

Specified by:
authenticate in interface AuthenticationProvider
Parameters:
authentication - the authentication request object.
Returns:
a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.
Throws:
AuthenticationException - if authentication fails.

supports

public boolean supports(Class<? extends Object> authentication)
Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.

Specified by:
supports in interface AuthenticationProvider
Returns:
true if the implementation can more closely evaluate the Authentication class presented

setPreAuthenticatedUserDetailsService

public void setPreAuthenticatedUserDetailsService(AuthenticationUserDetailsService aPreAuthenticatedUserDetailsService)
Set the AuthenticatedUserDetailsServices to be used.

Parameters:
aPreAuthenticatedUserDetailsService -

getOrder

public int getOrder()
Specified by:
getOrder in interface Ordered

setOrder

public void setOrder(int i)

setThrowExceptionWhenTokenRejected

public void setThrowExceptionWhenTokenRejected(boolean throwExceptionWhenTokenRejected)
If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials). Otherwise it will just return null. Defaults to false.


setUserDetailsChecker

public void setUserDetailsChecker(UserDetailsChecker userDetailsChecker)
Sets the strategy which will be used to validate the loaded UserDetails object for the user. Defaults to an AccountStatusUserDetailsChecker.

Parameters:
userDetailsChecker -