Class DefaultJaasAuthenticationProvider

  • All Implemented Interfaces:
    java.util.EventListener, org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.ApplicationListener<SessionDestroyedEvent>, AuthenticationProvider

    public class DefaultJaasAuthenticationProvider
    extends AbstractJaasAuthenticationProvider

    Creates a LoginContext using the Configuration provided to it. This allows the configuration to be injected regardless of the value of Configuration.getConfiguration().

    While not bound to any particular Configuration implementation, an in memory version of a JAAS configuration can be represented using InMemoryConfiguration.

    The following JAAS configuration:

     SPRINGSECURITY {
        sample.SampleLoginModule required;
      };
     

    Can be represented as follows:

     <bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider">
       <property name="configuration">
         <bean class="org.springframework.security.authentication.jaas.memory.InMemoryConfiguration">
           <constructor-arg>
             <map>
               <!-- SPRINGSECURITY is the default loginContextName for AbstractJaasAuthenticationProvider-->
               <entry key="SPRINGSECURITY">
                 <array>
                   <bean class="javax.security.auth.login.AppConfigurationEntry">
                     <constructor-arg value="sample.SampleLoginModule" />
                     <constructor-arg>
                       <util:constant static-field="javax.security.auth.login.AppConfigurationEntry$LoginModuleControlFlag.REQUIRED" />
                     </constructor-arg>
                     <constructor-arg>
                       <map></map>
                     </constructor-arg>
                   </bean>
                 </array>
               </entry>
             </map>
           </constructor-arg>
         </bean>
       </property>
       <property name="authorityGranters">
         <list>
           <!-- You will need to write your own implementation of AuthorityGranter -->
           <bean class="org.springframework.security.authentication.jaas.TestAuthorityGranter"/>
         </list>
       </property>
     </bean>
     
    See Also:
    AbstractJaasAuthenticationProvider, InMemoryConfiguration