Package org.springframework.security.cas.authentication

Class CasServiceTicketAuthenticationToken

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken

All Implemented Interfaces:

Serializable, Principal, Authentication, CredentialsContainer

public class CasServiceTicketAuthenticationToken
extends AbstractAuthenticationToken

An Authentication implementation that is designed to process CAS service ticket.

Since:

6.1

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	CasServiceTicketAuthenticationToken.Builder<B extends CasServiceTicketAuthenticationToken.Builder<B>>	A builder of CasServiceTicketAuthenticationToken instances

Nested classes/interfaces inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

AbstractAuthenticationToken.AbstractAuthenticationBuilder<B extends AbstractAuthenticationToken.AbstractAuthenticationBuilder<B>>

Constructor Summary

Constructors

Modifier	Constructor	Description
	CasServiceTicketAuthenticationToken(String identifier, Object credentials)	This constructor can be safely used by any code that wishes to create a CasServiceTicketAuthenticationToken, as the AbstractAuthenticationToken.isAuthenticated() will return false.
	CasServiceTicketAuthenticationToken(String identifier, Object credentials, Collection<? extends GrantedAuthority> authorities)	This constructor should only be used by AuthenticationManager or AuthenticationProvider implementations that are satisfied with producing a trusted (i.e.
protected	CasServiceTicketAuthenticationToken(CasServiceTicketAuthenticationToken.Builder<?> builder)

Method Summary

Modifier and Type	Method	Description
void	eraseCredentials()	Checks the credentials, principal and details objects, invoking the eraseCredentials method on any which implement CredentialsContainer.
@Nullable Object	getCredentials()	The credentials that prove the principal is correct.
Object	getPrincipal()	The identity of the principal being authenticated.
boolean	isStateless()
void	setAuthenticated(boolean isAuthenticated)	See Authentication.isAuthenticated() for a full description.
static CasServiceTicketAuthenticationToken	stateful(Object credentials)
static CasServiceTicketAuthenticationToken	stateless(Object credentials)
CasServiceTicketAuthenticationToken.Builder<?>	toBuilder()	Return an Authentication.Builder based on this instance.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

equals, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Constructor Details

CasServiceTicketAuthenticationToken

public CasServiceTicketAuthenticationToken(String identifier,
 Object credentials)

This constructor can be safely used by any code that wishes to create a CasServiceTicketAuthenticationToken, as the AbstractAuthenticationToken.isAuthenticated() will return false.

CasServiceTicketAuthenticationToken

public CasServiceTicketAuthenticationToken(String identifier,
 Object credentials,
 Collection<? extends GrantedAuthority> authorities)

This constructor should only be used by AuthenticationManager or AuthenticationProvider implementations that are satisfied with producing a trusted (i.e. AbstractAuthenticationToken.isAuthenticated() = true) authentication token.

Parameters:

identifier -

credentials -

authorities -

CasServiceTicketAuthenticationToken

protected CasServiceTicketAuthenticationToken(CasServiceTicketAuthenticationToken.Builder<?> builder)

Method Details

stateful

public static CasServiceTicketAuthenticationToken stateful(Object credentials)

stateless

public static CasServiceTicketAuthenticationToken stateless(Object credentials)

isStateless

public boolean isStateless()

getCredentials

public @Nullable Object getCredentials()

Description copied from interface: Authentication

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:

the credentials that prove the identity of the Principal

getPrincipal

public Object getPrincipal()

Description copied from interface: Authentication

The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

Returns:

the Principal being authenticated or the authenticated principal after authentication.

setAuthenticated

public void setAuthenticated(boolean isAuthenticated)
                      throws IllegalArgumentException

Description copied from interface: Authentication

See Authentication.isAuthenticated() for a full description.

Implementations should always allow this method to be called with a false parameter, as this is used by various classes to specify the authentication token should not be trusted. If an implementation wishes to reject an invocation with a true parameter (which would indicate the authentication token is trusted - a potential security risk) the implementation should throw an IllegalArgumentException.

Specified by:

setAuthenticated in interface Authentication

Overrides:

setAuthenticated in class AbstractAuthenticationToken

Parameters:

isAuthenticated - true if the token should be trusted (which may result in an exception) or false if the token should not be trusted

Throws:

IllegalArgumentException - if an attempt to make the authentication token trusted (by passing true as the argument) is rejected due to the implementation being immutable or implementing its own alternative approach to Authentication.isAuthenticated()

eraseCredentials

public void eraseCredentials()

Description copied from class: AbstractAuthenticationToken

Checks the credentials, principal and details objects, invoking the eraseCredentials method on any which implement CredentialsContainer.

Specified by:

eraseCredentials in interface CredentialsContainer

Overrides:

eraseCredentials in class AbstractAuthenticationToken

toBuilder

public CasServiceTicketAuthenticationToken.Builder<?> toBuilder()

Description copied from interface: Authentication

Return an Authentication.Builder based on this instance. By default, returns a builder that builds a SimpleAuthentication.

Although a default method, all Authentication implementations should implement this. The reason is to ensure that the Authentication type is preserved when Authentication.Builder.build() is invoked. This is especially important in the event that your authentication implementation contains custom fields.

This isn't strictly necessary since it is recommended that applications code to the Authentication interface and that custom information is often contained in the Authentication.getPrincipal() value.

Returns:

an Authentication.Builder for building a new Authentication based on this instance