Package org.springframework.security.authentication

Interface AuthenticationTrustResolver

All Known Implementing Classes:
AuthenticationTrustResolverImpl
public interface AuthenticationTrustResolver
Evaluates Authentication tokens

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    isAnonymous(@Nullable Authentication authentication)
    Indicates whether the passed Authentication token represents an anonymous user.
    default boolean
    isAuthenticated(@Nullable Authentication authentication)
    Checks if the Authentication is not null, authenticated, and not anonymous.
    default boolean
    isFullyAuthenticated(@Nullable Authentication authentication)
    Indicates whether the passed Authentication token represents a fully authenticated user (that is, neither anonymous or remember-me).
    boolean
    isRememberMe(@Nullable Authentication authentication)
    Indicates whether the passed Authentication token represents user that has been remembered (i.e.

  • Method Details

    • isAnonymous

      boolean isAnonymous(@Nullable Authentication authentication)
      Indicates whether the passed Authentication token represents an anonymous user. Typically the framework will call this method if it is trying to decide whether an AccessDeniedException should result in a final rejection (i.e. as would be the case if the principal was non-anonymous/fully authenticated) or direct the principal to attempt actual authentication (i.e. as would be the case if the Authentication was merely anonymous).
      Parameters:
      authentication - to test (may be null in which case the method will always return false)
      Returns:
      true the passed authentication token represented an anonymous principal, false otherwise

    • isRememberMe

      boolean isRememberMe(@Nullable Authentication authentication)
      Indicates whether the passed Authentication token represents user that has been remembered (i.e. not a user that has been fully authenticated).

      The method is provided to assist with custom AccessDecisionVoters and the like that you might develop. Of course, you don't need to use this method either and can develop your own "trust level" hierarchy instead.

      Parameters:
      authentication - to test (may be null in which case the method will always return false)
      Returns:
      true the passed authentication token represented a principal authenticated using a remember-me token, false otherwise

    • isFullyAuthenticated

      default boolean isFullyAuthenticated(@Nullable Authentication authentication)
      Indicates whether the passed Authentication token represents a fully authenticated user (that is, neither anonymous or remember-me). This is a composition of isAnonymous and isRememberMe implementation

      Parameters:
      authentication - to test (may be null in which case the method will always return false)
      Returns:
      true the passed authentication token represented an authenticated user (isAuthenticated(Authentication) and not isRememberMe(Authentication), false otherwise
      Since:
      6.1

    • isAuthenticated

      @Contract("null -> false") default boolean isAuthenticated(@Nullable Authentication authentication)
      Checks if the Authentication is not null, authenticated, and not anonymous.
      Parameters:
      authentication - the Authentication to check.
      Returns:
      true if the Authentication is not null, isAnonymous(Authentication) returns false, & Authentication.isAuthenticated() is true.
      Since:
      6.1.7