org.springframework.ws.soap.security.x509

Class X509AuthenticationProvider

java.lang.Object

org.springframework.ws.soap.security.x509.X509AuthenticationProvider

All Implemented Interfaces:

Aware, InitializingBean, MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

public class X509AuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider, InitializingBean, MessageSourceAware

Processes an X.509 authentication request.

Migrated from Spring Security 2 since it has been removed in Spring Security 3.

Author:

Luke Taylor

Field Summary

Fields

Modifier and Type	Field and Description
protected MessageSourceAccessor	messages

Constructor Summary

Constructors

Constructor and Description
X509AuthenticationProvider()

Method Summary

Modifier and Type	Method and Description
void	afterPropertiesSet()
org.springframework.security.core.Authentication	authenticate(org.springframework.security.core.Authentication authentication) If the supplied authentication token contains a certificate then this will be passed to the configured X509AuthoritiesPopulator to obtain the user details and authorities for the user identified by the certificate.
void	setMessageSource(MessageSource messageSource)
void	setX509AuthoritiesPopulator(X509AuthoritiesPopulator x509AuthoritiesPopulator)
void	setX509UserCache(X509UserCache cache)
boolean	supports(Class<?> authentication)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

messages

protected MessageSourceAccessor messages

Constructor Detail

X509AuthenticationProvider

public X509AuthenticationProvider()

Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface InitializingBean

Throws:

Exception

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

If the supplied authentication token contains a certificate then this will be passed to the configured X509AuthoritiesPopulator to obtain the user details and authorities for the user identified by the certificate.

If no certificate is present (for example, if the filter is applied to an HttpRequest for which client authentication hasn't been configured in the container) then a BadCredentialsException will be raised.

Specified by:

authenticate in interface org.springframework.security.authentication.AuthenticationProvider

Parameters:

authentication - the authentication request.

Returns:

an X509AuthenticationToken containing the authorities of the principal represented by the certificate.

Throws:

org.springframework.security.core.AuthenticationException - if the X509AuthoritiesPopulator rejects the certficate.

org.springframework.security.authentication.BadCredentialsException - if no certificate was presented in the authentication request.

setMessageSource

public void setMessageSource(MessageSource messageSource)

Specified by:

setMessageSource in interface MessageSourceAware

setX509AuthoritiesPopulator

public void setX509AuthoritiesPopulator(X509AuthoritiesPopulator x509AuthoritiesPopulator)

setX509UserCache

public void setX509UserCache(X509UserCache cache)

supports

public boolean supports(Class<?> authentication)

Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider