public class AuthenticationTrustResolverImpl extends Object implements AuthenticationTrustResolver
AuthenticationTrustResolver
.
Makes trust decisions based on whether the passed Authentication
is an
instance of a defined class.
If anonymousClass
or rememberMeClass
is null
, the
corresponding method will always return false
.
Constructor and Description |
---|
AuthenticationTrustResolverImpl() |
Modifier and Type | Method and Description |
---|---|
boolean |
isAnonymous(Authentication authentication)
Indicates whether the passed
Authentication token represents an
anonymous user. |
boolean |
isRememberMe(Authentication authentication)
Indicates whether the passed
Authentication token represents user that
has been remembered (i.e. |
void |
setAnonymousClass(Class<? extends Authentication> anonymousClass) |
void |
setRememberMeClass(Class<? extends Authentication> rememberMeClass) |
public boolean isAnonymous(Authentication authentication)
AuthenticationTrustResolver
Authentication
token represents an
anonymous user. Typically the framework will call this method if it is trying to
decide whether an AccessDeniedException
should result in a final
rejection (i.e. as would be the case if the principal was non-anonymous/fully
authenticated) or direct the principal to attempt actual authentication (i.e. as
would be the case if the Authentication
was merely anonymous).isAnonymous
in interface AuthenticationTrustResolver
authentication
- to test (may be null
in which case the method
will always return false
)true
the passed authentication token represented an anonymous
principal, false
otherwisepublic boolean isRememberMe(Authentication authentication)
AuthenticationTrustResolver
Authentication
token represents user that
has been remembered (i.e. not a user that has been fully authenticated).
The method is provided to assist with custom AccessDecisionVoter
s and
the like that you might develop. Of course, you don't need to use this method
either and can develop your own "trust level" hierarchy instead.
isRememberMe
in interface AuthenticationTrustResolver
authentication
- to test (may be null
in which case the method
will always return false
)true
the passed authentication token represented a principal
authenticated using a remember-me token, false
otherwisepublic void setAnonymousClass(Class<? extends Authentication> anonymousClass)
public void setRememberMeClass(Class<? extends Authentication> rememberMeClass)