Package org.springframework.security.web.authentication.preauth

Class PreAuthenticatedAuthenticationProvider

  • All Implemented Interfaces:
    org.springframework.beans.factory.InitializingBean, org.springframework.core.Ordered, AuthenticationProvider
    public class PreAuthenticatedAuthenticationProvider
extends java.lang.Object
implements AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.core.Ordered

    Processes a pre-authenticated authentication request. The request will typically originate from a AbstractPreAuthenticatedProcessingFilter subclass.

    This authentication provider will not perform any checks on authentication requests, as they should already be pre-authenticated. However, the AuthenticationUserDetailsService implementation may still throw a UsernameNotFoundException, for example.

    Since:
    2.0

    • Constructor Detail

      • PreAuthenticatedAuthenticationProvider

        public PreAuthenticatedAuthenticationProvider()

    • Method Detail

      • afterPropertiesSet

        public void afterPropertiesSet()
        Check whether all required properties have been set.
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

      • authenticate

        public Authentication authenticate​(Authentication authentication)
                            throws AuthenticationException
        Authenticate the given PreAuthenticatedAuthenticationToken.

        If the principal contained in the authentication object is null, the request will be ignored to allow other providers to authenticate it.

        Specified by:
        authenticate in interface AuthenticationProvider
        Parameters:
        authentication - the authentication request object.
        Returns:
        a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.
        Throws:
        AuthenticationException - if authentication fails.

      • supports

        public final boolean supports​(java.lang.Class<?> authentication)
        Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
        Specified by:
        supports in interface AuthenticationProvider
        Returns:
        true if the implementation can more closely evaluate the Authentication class presented

      • setThrowExceptionWhenTokenRejected

        public void setThrowExceptionWhenTokenRejected​(boolean throwExceptionWhenTokenRejected)
        If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials). Otherwise it will just return null. Defaults to false.

      • setUserDetailsChecker

        public void setUserDetailsChecker​(UserDetailsChecker userDetailsChecker)
        Sets the strategy which will be used to validate the loaded UserDetails object for the user. Defaults to an AccountStatusUserDetailsChecker.
        Parameters:
        userDetailsChecker -

      • getOrder

        public int getOrder()
        Specified by:
        getOrder in interface org.springframework.core.Ordered

      • setOrder

        public void setOrder​(int i)