org.springframework.security.authentication
Class RememberMeAuthenticationProvider

java.lang.Object
  org.springframework.security.authentication.RememberMeAuthenticationProvider

All Implemented Interfaces:

Aware, InitializingBean, MessageSourceAware, AuthenticationProvider

public class RememberMeAuthenticationProvider
extends Object
implements AuthenticationProvider, InitializingBean, MessageSourceAware

An AuthenticationProvider implementation that validates RememberMeAuthenticationTokens.

To be successfully validated, the RememberMeAuthenticationToken.getKeyHash() must match this class' getKey().

Field Summary

protected MessageSourceAccessor

messages

Constructor Summary

RememberMeAuthenticationProvider()
Deprecated. Use constructor injection

RememberMeAuthenticationProvider(String key)

Method Summary

void	afterPropertiesSet()
Authentication	authenticate(Authentication authentication) Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication).
String	getKey()
void	setKey(String key) Deprecated. Use constructor injection
void	setMessageSource(MessageSource messageSource)
boolean	supports(Class<?> authentication) Returns true if this AuthenticationProvider supports the indicated Authentication object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

messages

protected MessageSourceAccessor messages

Constructor Detail

RememberMeAuthenticationProvider

@Deprecated
public RememberMeAuthenticationProvider()

Deprecated. Use constructor injection

RememberMeAuthenticationProvider

public RememberMeAuthenticationProvider(String key)

Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface InitializingBean

Throws:

Exception

authenticate

public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException

Description copied from interface: AuthenticationProvider

Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication).

Specified by:

authenticate in interface AuthenticationProvider

Parameters:

authentication - the authentication request object.

Returns:

a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.

Throws:

AuthenticationException - if authentication fails.

getKey

public String getKey()

setKey

@Deprecated
public void setKey(String key)

Deprecated. Use constructor injection

setMessageSource

public void setMessageSource(MessageSource messageSource)

Specified by:

setMessageSource in interface MessageSourceAware

supports

public boolean supports(Class<?> authentication)

Description copied from interface: AuthenticationProvider

Returns true if this AuthenticationProvider supports the indicated Authentication object.

Returning true does not guarantee an AuthenticationProvider will be able to authenticate the presented instance of the Authentication class. It simply indicates it can support closer evaluation of it. An AuthenticationProvider can still return null from the AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be tried.

Selection of an AuthenticationProvider capable of performing authentication is conducted at runtime the ProviderManager.

Specified by:

supports in interface AuthenticationProvider

Returns:

true if the implementation can more closely evaluate the Authentication class presented