com.foreach.across.modules.user.security

Class InternalUserDirectoryAuthenticationProvider

java.lang.Object

com.foreach.across.modules.user.security.AbstractUserInDirectoryAuthenticationProvider

com.foreach.across.modules.user.security.InternalUserDirectoryAuthenticationProvider

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

public class InternalUserDirectoryAuthenticationProvider
extends AbstractUserInDirectoryAuthenticationProvider

Authenticates a user against a InternalUserDirectory.

Since:

2.0.0

Author:

Arne Vandamme

Field Summary

Fields inherited from class com.foreach.across.modules.user.security.AbstractUserInDirectoryAuthenticationProvider

LOG, messages, userDirectory

Constructor Summary

Constructors

Constructor and Description
InternalUserDirectoryAuthenticationProvider()

Method Summary

Modifier and Type	Method and Description
protected void	additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request.
protected org.springframework.security.core.userdetails.UserDetails	buildUserDetails(User user, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) Allows subclasses to build the UserDetails for a given User.
protected void	doAfterPropertiesSet()
protected org.springframework.security.crypto.password.PasswordEncoder	getPasswordEncoder()
void	setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder) Sets the PasswordEncoder instance to be used to encode and validate passwords.

Methods inherited from class com.foreach.across.modules.user.security.AbstractUserInDirectoryAuthenticationProvider

afterPropertiesSet, authenticate, createSuccessAuthentication, retrieveUser, setAuthoritiesMapper, setForcePrincipalAsString, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setThrowExceptionIfUserNotFound, setUserCache, setUserDirectory, setUserService, supports

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

InternalUserDirectoryAuthenticationProvider

public InternalUserDirectoryAuthenticationProvider()

Method Detail

doAfterPropertiesSet

protected void doAfterPropertiesSet()
                             throws Exception

Overrides:

doAfterPropertiesSet in class AbstractUserInDirectoryAuthenticationProvider

Throws:

Exception

buildUserDetails

protected org.springframework.security.core.userdetails.UserDetails buildUserDetails(User user,
                                                                                     org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
                                                                              throws org.springframework.security.core.AuthenticationException

Description copied from class: AbstractUserInDirectoryAuthenticationProvider

Allows subclasses to build the UserDetails for a given User. Actual credential validation can be performed and an AuthenticationException thrown if validation fails. In case the method returns null this will end in a null Authentication being returned by this provider.

Note that User already implements UserDetails. If validation is successful, that same user instance can be returned by the method implementation.

Specified by:

buildUserDetails in class AbstractUserInDirectoryAuthenticationProvider

Parameters:

user - The user found with the username from the authentication

authentication - The authentication request, which subclasses may need to perform a binding-based retrieval of the UserDetails

Returns:

the user information, can be null to fall back to being "unable to authenticate"

Throws:

org.springframework.security.core.AuthenticationException - if the credentials could not be validated

additionalAuthenticationChecks

protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
                                              org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
                                       throws org.springframework.security.core.AuthenticationException

Description copied from class: AbstractUserInDirectoryAuthenticationProvider

Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request. Generally a subclass will at least compare the Authentication.getCredentials() with a UserDetails.getPassword(). If custom logic is needed to compare additional properties of UserDetails and/or UsernamePasswordAuthenticationToken, these should also appear in this method.

Specified by:

additionalAuthenticationChecks in class AbstractUserInDirectoryAuthenticationProvider

Parameters:

userDetails - as retrieved from the AbstractUserInDirectoryAuthenticationProvider.buildUserDetails(User, UsernamePasswordAuthenticationToken) or UserCache

authentication - the current request that needs to be authenticated

Throws:

org.springframework.security.core.AuthenticationException - AuthenticationException if the credentials could not be validated (generally a BadCredentialsException, an AuthenticationServiceException)

getPasswordEncoder

protected org.springframework.security.crypto.password.PasswordEncoder getPasswordEncoder()

setPasswordEncoder

public void setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)

Sets the PasswordEncoder instance to be used to encode and validate passwords. If not set, the password will be compared using PasswordEncoderFactories.createDelegatingPasswordEncoder()

Parameters:

passwordEncoder - must be an instance of one of the PasswordEncoder types.