org.springframework.security.authentication.jaas
Class DefaultJaasAuthenticationProvider

java.lang.Object
  extended by org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
      extended by org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider
All Implemented Interfaces:
EventListener, Aware, InitializingBean, ApplicationEventPublisherAware, ApplicationListener<SessionDestroyedEvent>, AuthenticationProvider

public class DefaultJaasAuthenticationProvider
extends AbstractJaasAuthenticationProvider

Creates a LoginContext using the Configuration provided to it. This allows the configuration to be injected regardless of the value of Configuration.getConfiguration().

While not bound to any particular Configuration implementation, an in memory version of a JAAS configuration can be represented using InMemoryConfiguration.

The following JAAS configuration:

 SPRINGSECURITY {
    sample.SampleLoginModule required;
  };
 

Can be represented as follows:

 <bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider">
   <property name="configuration">
     <bean class="org.springframework.security.authentication.jaas.memory.InMemoryConfiguration">
       <constructor-arg>
         <map>
           <!-- SPRINGSECURITY is the default loginContextName for AbstractJaasAuthenticationProvider-->
           <entry key="SPRINGSECURITY">
             <array>
               <bean class="javax.security.auth.login.AppConfigurationEntry">
                 <constructor-arg value="sample.SampleLoginModule" />
                 <constructor-arg>
                   <util:constant static-field="javax.security.auth.login.AppConfigurationEntry$LoginModuleControlFlag.REQUIRED" />
                 </constructor-arg>
                 <constructor-arg>
                   <map></map>
                 </constructor-arg>
               </bean>
             </array>
           </entry>
         </map>
       </constructor-arg>
     </bean>
   </property>
   <property name="authorityGranters">
     <list>
       <!-- You will need to write your own implementation of AuthorityGranter -->
       <bean class="org.springframework.security.authentication.jaas.TestAuthorityGranter"/>
     </list>
   </property>
 </bean>
 

See Also:
AbstractJaasAuthenticationProvider, InMemoryConfiguration

Field Summary
 
Fields inherited from class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
log
 
Constructor Summary
DefaultJaasAuthenticationProvider()
           
 
Method Summary
 void afterPropertiesSet()
          Validates the required properties are set.
protected  LoginContext createLoginContext(CallbackHandler handler)
          Creates a LoginContext using the Configuration that was specified in setConfiguration(Configuration).
protected  Configuration getConfiguration()
           
 void setConfiguration(Configuration configuration)
          Sets the Configuration to use for Authentication.
 
Methods inherited from class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider
authenticate, getApplicationEventPublisher, handleLogout, onApplicationEvent, publishFailureEvent, publishSuccessEvent, setApplicationEventPublisher, setAuthorityGranters, setCallbackHandlers, setLoginContextName, setLoginExceptionResolver, supports
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultJaasAuthenticationProvider

public DefaultJaasAuthenticationProvider()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Description copied from class: AbstractJaasAuthenticationProvider
Validates the required properties are set. In addition, if AbstractJaasAuthenticationProvider.setCallbackHandlers(JaasAuthenticationCallbackHandler[]) has not been called with valid handlers, initializes to use JaasNameCallbackHandler and JaasPasswordCallbackHandler.

Specified by:
afterPropertiesSet in interface InitializingBean
Overrides:
afterPropertiesSet in class AbstractJaasAuthenticationProvider
Throws:
Exception

createLoginContext

protected LoginContext createLoginContext(CallbackHandler handler)
                                   throws LoginException
Creates a LoginContext using the Configuration that was specified in setConfiguration(Configuration).

Specified by:
createLoginContext in class AbstractJaasAuthenticationProvider
Parameters:
handler - The CallbackHandler that should be used for the LoginContext (never null).
Returns:
the LoginContext to use for authentication.
Throws:
LoginException

getConfiguration

protected Configuration getConfiguration()

setConfiguration

public void setConfiguration(Configuration configuration)
Sets the Configuration to use for Authentication.

Parameters:
configuration - the Configuration that is used when createLoginContext(CallbackHandler) is called.