Class PreAuthenticatedAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer

public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationToken
Authentication implementation for pre-authenticated authentication.
Since:
2.0
See Also:
  • Constructor Details

    • PreAuthenticatedAuthenticationToken

      public PreAuthenticatedAuthenticationToken(Object aPrincipal, @Nullable Object aCredentials)
      Constructor used for an authentication request. The Authentication.isAuthenticated() will return false.
      Parameters:
      aPrincipal - The pre-authenticated principal
      aCredentials - The pre-authenticated credentials
    • PreAuthenticatedAuthenticationToken

      public PreAuthenticatedAuthenticationToken(Object aPrincipal, @Nullable Object aCredentials, Collection<? extends GrantedAuthority> anAuthorities)
      Constructor used for an authentication response. The Authentication.isAuthenticated() will return true.
      Parameters:
      aPrincipal - The authenticated principal
      anAuthorities - The granted authorities
    • PreAuthenticatedAuthenticationToken

      protected PreAuthenticatedAuthenticationToken(PreAuthenticatedAuthenticationToken.Builder<?> builder)
  • Method Details

    • getCredentials

      public @Nullable Object getCredentials()
      Get the credentials
      Returns:
      the credentials that prove the identity of the Principal
    • getPrincipal

      public Object getPrincipal()
      Get the principal
      Returns:
      the Principal being authenticated or the authenticated principal after authentication.
    • toBuilder

      Description copied from interface: Authentication
      Return an Authentication.Builder based on this instance. By default, returns a builder that builds a SimpleAuthentication.

      Although a default method, all Authentication implementations should implement this. The reason is to ensure that the Authentication type is preserved when Authentication.Builder.build() is invoked. This is especially important in the event that your authentication implementation contains custom fields.

      This isn't strictly necessary since it is recommended that applications code to the Authentication interface and that custom information is often contained in the Authentication.getPrincipal() value.

      Returns:
      an Authentication.Builder for building a new Authentication based on this instance