public class DefaultJaasAuthenticationProvider extends AbstractJaasAuthenticationProvider
Creates a LoginContext using the Configuration provided to it. This allows the
configuration to be injected regardless of the value of
Configuration.getConfiguration()
.
While not bound to any particular Configuration implementation, an in memory version of
a JAAS configuration can be represented using InMemoryConfiguration
.
The following JAAS configuration:
SPRINGSECURITY { sample.SampleLoginModule required; };
Can be represented as follows:
<bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider"> <property name="configuration"> <bean class="org.springframework.security.authentication.jaas.memory.InMemoryConfiguration"> <constructor-arg> <map> <!-- SPRINGSECURITY is the default loginContextName for AbstractJaasAuthenticationProvider--> <entry key="SPRINGSECURITY"> <array> <bean class="javax.security.auth.login.AppConfigurationEntry"> <constructor-arg value="sample.SampleLoginModule" /> <constructor-arg> <util:constant static-field="javax.security.auth.login.AppConfigurationEntry$LoginModuleControlFlag.REQUIRED" /> </constructor-arg> <constructor-arg> <map></map> </constructor-arg> </bean> </array> </entry> </map> </constructor-arg> </bean> </property> <property name="authorityGranters"> <list> <!-- You will need to write your own implementation of AuthorityGranter --> <bean class="org.springframework.security.authentication.jaas.TestAuthorityGranter"/> </list> </property> </bean>
log
Constructor and Description |
---|
DefaultJaasAuthenticationProvider() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet()
Validates the required properties are set.
|
protected javax.security.auth.login.LoginContext |
createLoginContext(javax.security.auth.callback.CallbackHandler handler)
Creates a LoginContext using the Configuration that was specified in
setConfiguration(Configuration) . |
protected javax.security.auth.login.Configuration |
getConfiguration() |
void |
setConfiguration(javax.security.auth.login.Configuration configuration)
Sets the Configuration to use for Authentication.
|
authenticate, getApplicationEventPublisher, handleLogout, onApplicationEvent, publishFailureEvent, publishSuccessEvent, setApplicationEventPublisher, setAuthorityGranters, setCallbackHandlers, setLoginContextName, setLoginExceptionResolver, supports
public void afterPropertiesSet() throws java.lang.Exception
AbstractJaasAuthenticationProvider
AbstractJaasAuthenticationProvider.setCallbackHandlers(JaasAuthenticationCallbackHandler[])
has not been
called with valid handlers, initializes to use JaasNameCallbackHandler
and
JaasPasswordCallbackHandler
.afterPropertiesSet
in class AbstractJaasAuthenticationProvider
java.lang.Exception
protected javax.security.auth.login.LoginContext createLoginContext(javax.security.auth.callback.CallbackHandler handler) throws javax.security.auth.login.LoginException
setConfiguration(Configuration)
.createLoginContext
in class AbstractJaasAuthenticationProvider
handler
- The CallbackHandler that should be used for the LoginContext (never
null
).javax.security.auth.login.LoginException
protected javax.security.auth.login.Configuration getConfiguration()
public void setConfiguration(javax.security.auth.login.Configuration configuration)
configuration
- the Configuration that is used when
createLoginContext(CallbackHandler)
is called.