public class DefaultJaasAuthenticationProvider extends AbstractJaasAuthenticationProvider
Creates a LoginContext using the Configuration provided to it. This allows
the configuration to be injected regardless of the value of
Configuration.getConfiguration()
.
While not bound to any particular Configuration implementation, an in memory version of a JAAS
configuration can be represented using InMemoryConfiguration
.
The following JAAS configuration:
SPRINGSECURITY { sample.SampleLoginModule required; };
Can be represented as follows:
<bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider"> <property name="configuration"> <bean class="org.springframework.security.authentication.jaas.memory.InMemoryConfiguration"> <constructor-arg> <map> <!-- SPRINGSECURITY is the default loginContextName for AbstractJaasAuthenticationProvider--> <entry key="SPRINGSECURITY"> <array> <bean class="javax.security.auth.login.AppConfigurationEntry"> <constructor-arg value="sample.SampleLoginModule" /> <constructor-arg> <util:constant static-field="javax.security.auth.login.AppConfigurationEntry$LoginModuleControlFlag.REQUIRED" /> </constructor-arg> <constructor-arg> <map></map> </constructor-arg> </bean> </array> </entry> </map> </constructor-arg> </bean> </property> <property name="authorityGranters"> <list> <!-- You will need to write your own implementation of AuthorityGranter --> <bean class="org.springframework.security.authentication.jaas.TestAuthorityGranter"/> </list> </property> </bean>
log
Constructor and Description |
---|
DefaultJaasAuthenticationProvider() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet()
Validates the required properties are set.
|
protected LoginContext |
createLoginContext(CallbackHandler handler)
Creates a LoginContext using the Configuration that was specified in
setConfiguration(Configuration) . |
protected Configuration |
getConfiguration() |
void |
setConfiguration(Configuration configuration)
Sets the Configuration to use for Authentication.
|
authenticate, getApplicationEventPublisher, handleLogout, onApplicationEvent, publishFailureEvent, publishSuccessEvent, setApplicationEventPublisher, setAuthorityGranters, setCallbackHandlers, setLoginContextName, setLoginExceptionResolver, supports
public void afterPropertiesSet() throws Exception
AbstractJaasAuthenticationProvider
AbstractJaasAuthenticationProvider.setCallbackHandlers(JaasAuthenticationCallbackHandler[])
has not
been called with valid handlers, initializes to use
JaasNameCallbackHandler
and JaasPasswordCallbackHandler
.afterPropertiesSet
in interface InitializingBean
afterPropertiesSet
in class AbstractJaasAuthenticationProvider
Exception
protected LoginContext createLoginContext(CallbackHandler handler) throws LoginException
setConfiguration(Configuration)
.createLoginContext
in class AbstractJaasAuthenticationProvider
handler
- The CallbackHandler that should be used for the LoginContext (never null
).LoginException
protected Configuration getConfiguration()
public void setConfiguration(Configuration configuration)
configuration
- the Configuration that is used when
createLoginContext(CallbackHandler)
is called.