Package org.springframework.security.access.intercept

Class RunAsImplAuthenticationProvider

java.lang.Object
org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, AuthenticationProvider
public class RunAsImplAuthenticationProvider extends Object implements org.springframework.beans.factory.InitializingBean, AuthenticationProvider, org.springframework.context.MessageSourceAware
An AuthenticationProvider implementation that can authenticate a RunAsUserToken.

Configured in the bean context with a key that should match the key used by adapters to generate the RunAsUserToken. It treats as valid any RunAsUserToken instance presenting a hash code that matches the RunAsImplAuthenticationProvider-configured key.

If the key does not match, a BadCredentialsException is thrown.

  • Field Details

    • messages

      protected org.springframework.context.support.MessageSourceAccessor messages

  • Constructor Details

    • RunAsImplAuthenticationProvider

      public RunAsImplAuthenticationProvider()

  • Method Details

    • afterPropertiesSet

      public void afterPropertiesSet()
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

    • authenticate

      public Authentication authenticate(Authentication authentication) throws AuthenticationException
      Description copied from interface: AuthenticationProvider
      Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .
      Specified by:
      authenticate in interface AuthenticationProvider
      Parameters:
      authentication - the authentication request object.
      Returns:
      a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.
      Throws:
      AuthenticationException - if authentication fails.

    • getKey

      public String getKey()

    • setKey

      public void setKey(String key)

    • setMessageSource

      public void setMessageSource(org.springframework.context.MessageSource messageSource)
      Specified by:
      setMessageSource in interface org.springframework.context.MessageSourceAware

    • supports

      public boolean supports(Class<?> authentication)
      Description copied from interface: AuthenticationProvider
      Returns true if this AuthenticationProvider supports the indicated Authentication object.

      Returning true does not guarantee an AuthenticationProvider will be able to authenticate the presented instance of the Authentication class. It simply indicates it can support closer evaluation of it. An AuthenticationProvider can still return null from the AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be tried.

      Selection of an AuthenticationProvider capable of performing authentication is conducted at runtime the ProviderManager.

      Specified by:
      supports in interface AuthenticationProvider
      Returns:
      true if the implementation can more closely evaluate the Authentication class presented