Package org.springframework.security.web.authentication
package org.springframework.security.web.authentication
Authentication processing mechanisms, which respond to the submission of authentication
credentials using various protocols (eg BASIC, CAS, form login etc).
-
ClassDescriptionAbstract processor of browser-based HTTP-based authentication requests.Base class containing the logic used by strategies which handle redirection to a URL and are passed an
Authentication
object as part of the contract.Detects if there is noAuthentication
object in theSecurityContextHolder
, and populates it with one if needed.A strategy used for converting from aHttpServletRequest
to anAuthentication
of particular type.Adapts aAuthenticationEntryPoint
into aAuthenticationFailureHandler
Strategy used to handle a failed authentication attempt.AFilter
that performs authentication of a particular request.Strategy used to handle a successful user authentication.AnAuthenticationEntryPoint
which selects a concreteAuthenticationEntryPoint
based on aRequestMatcher
evaluation.AnAuthenticationFailureHandler
that delegates to otherAuthenticationFailureHandler
instances based upon the type ofAuthenticationException
passed intoDelegatingAuthenticationFailureHandler.onAuthenticationFailure(HttpServletRequest, HttpServletResponse, AuthenticationException)
.Uses the internal map of exceptions types to URLs to determine the destination on authentication failure.Forward Authentication Failure HandlerForward Authentication Success HandlerIn the pre-authenticated authentication case (unlike CAS, for example) the user will already have been identified through some external mechanism and a secure context established by the time the security-enforcement filter is invoked.AnAuthenticationEntryPoint
that sends a genericHttpStatus
as a response.Used by theExceptionTranslationFilter
to commence a form login authentication via theUsernamePasswordAuthenticationFilter
.AnAuthenticationEntryPoint
implementation that does nothing.Implementation ofNullRememberMeServices
that does nothing.Implement by a class that is capable of providing a remember-me service.AnAuthenticationManagerResolver
that returns aAuthenticationManager
instances based upon the type ofHttpServletRequest
passed intoRequestMatcherDelegatingAuthenticationManagerResolver.resolve(HttpServletRequest)
.A builder forRequestMatcherDelegatingAuthenticationManagerResolver
.An authentication success strategy which can make use of theDefaultSavedRequest
which may have been stored in the session by theExceptionTranslationFilter
.AuthenticationFailureHandler which performs a redirect to the value of thedefaultFailureUrl
property when the onAuthenticationFailure method is called.AuthenticationSuccessHandler which can be configured with a default URL which users should be sent to upon successful authentication.Processes an authentication form submission.A holder of selected HTTP details related to a web authentication request.Implementation ofAuthenticationDetailsSource
which builds the details object from an HttpServletRequest object, creating aWebAuthenticationDetails
.