public class CasAuthenticationProvider extends Object implements AuthenticationProvider, InitializingBean, MessageSourceAware
AuthenticationProvider
implementation that integrates with JA-SIG Central
Authentication Service (CAS).
This AuthenticationProvider
is capable of validating
UsernamePasswordAuthenticationToken
requests which contain a
principal
name equal to either
CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER
or
CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER
. It can also validate a
previously created CasAuthenticationToken
.
Modifier and Type | Field and Description |
---|---|
protected MessageSourceAccessor |
messages |
Constructor and Description |
---|
CasAuthenticationProvider() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
Authentication |
authenticate(Authentication authentication)
Performs authentication with the same contract as
AuthenticationManager.authenticate(Authentication)
. |
protected String |
getKey() |
StatelessTicketCache |
getStatelessTicketCache() |
protected org.jasig.cas.client.validation.TicketValidator |
getTicketValidator() |
protected UserDetails |
loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
Template method for retrieving the UserDetails based on the assertion.
|
void |
setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService) |
void |
setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) |
void |
setKey(String key) |
void |
setMessageSource(MessageSource messageSource) |
void |
setServiceProperties(ServiceProperties serviceProperties) |
void |
setStatelessTicketCache(StatelessTicketCache statelessTicketCache) |
void |
setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator) |
void |
setUserDetailsService(UserDetailsService userDetailsService) |
boolean |
supports(Class<?> authentication)
Returns
true if this AuthenticationProvider supports the
indicated Authentication object. |
protected MessageSourceAccessor messages
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface InitializingBean
Exception
public Authentication authenticate(Authentication authentication) throws AuthenticationException
AuthenticationProvider
AuthenticationManager.authenticate(Authentication)
.authenticate
in interface AuthenticationProvider
authentication
- the authentication request object.null
if the AuthenticationProvider
is unable to support
authentication of the passed Authentication
object. In such a case,
the next AuthenticationProvider
that supports the presented
Authentication
class will be tried.AuthenticationException
- if authentication fails.protected UserDetails loadUserByAssertion(org.jasig.cas.client.validation.Assertion assertion)
assertion
- The CAS Assertion.public void setUserDetailsService(UserDetailsService userDetailsService)
public void setAuthenticationUserDetailsService(AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService)
public void setServiceProperties(ServiceProperties serviceProperties)
protected String getKey()
public void setKey(String key)
public StatelessTicketCache getStatelessTicketCache()
protected org.jasig.cas.client.validation.TicketValidator getTicketValidator()
public void setMessageSource(MessageSource messageSource)
setMessageSource
in interface MessageSourceAware
public void setStatelessTicketCache(StatelessTicketCache statelessTicketCache)
public void setTicketValidator(org.jasig.cas.client.validation.TicketValidator ticketValidator)
public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)
public boolean supports(Class<?> authentication)
AuthenticationProvider
true
if this AuthenticationProvider
supports the
indicated Authentication
object.
Returning true
does not guarantee an
AuthenticationProvider
will be able to authenticate the presented
instance of the Authentication
class. It simply indicates it can
support closer evaluation of it. An AuthenticationProvider
can still
return null
from the AuthenticationProvider.authenticate(Authentication)
method to
indicate another AuthenticationProvider
should be tried.
Selection of an AuthenticationProvider
capable of performing
authentication is conducted at runtime the ProviderManager
.
supports
in interface AuthenticationProvider
true
if the implementation can more closely evaluate the
Authentication
class presented