org.acegisecurity.AbstractAuthenticationManager
org.acegisecurity.providers.ProviderManager
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public class ProviderManager
Iterates an Authentication request through a list of AuthenticationProviders.
Can optionally be configured with a ConcurrentSessionController to limit the number of sessions a user can
have.
AuthenticationProviders are tried in order until one provides a non-null response.
A non-null response indicates the provider had authority to decide on the authentication request and no further
providers are tried. If an AuthenticationException is thrown by a provider, it is retained until
subsequent providers are tried. If a subsequent provider successfully authenticates the request, the earlier
authentication exception is disregarded and the successful authentication will be used. If no subsequent provider
provides a non-null response, or a new AuthenticationException, the last
AuthenticationException received will be used. If no provider returns a non-null response, or indicates
it can even process an Authentication, the ProviderManager will throw a
ProviderNotFoundException.
If a valid Authentication is returned by an AuthenticationProvider, the
ProviderManager will publish an AuthenticationSuccessEvent. If an AuthenticationException is
detected, the final AuthenticationException thrown will be used to publish an appropriate failure
event. By default ProviderManager maps common exceptions to events, but this can be fine-tuned by
providing a new exceptionMappingsjava.util.Properties object. In the properties object,
each of the keys represent the fully qualified classname of the exception, and each of the values represent the
name of an event class which subclasses AbstractAuthenticationFailureEvent and provides its constructor.
ConcurrentSessionController| Field Summary | |
|---|---|
protected org.springframework.context.support.MessageSourceAccessor |
messages
|
| Constructor Summary | |
|---|---|
ProviderManager()
|
|
| Method Summary | |
|---|---|
void |
afterPropertiesSet()
|
protected void |
doAddExtraDefaultExceptionMappings(Properties exceptionMappings)
Provided so subclasses can add extra exception mappings during startup if no exception mappings are injected by the IoC container. |
Authentication |
doAuthentication(Authentication authentication)
Attempts to authenticate the passed Authentication object. |
List |
getProviders()
|
ConcurrentSessionController |
getSessionController()
The configured ConcurrentSessionController is returned or the NullConcurrentSessionController if a specific one has not been set. |
void |
setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher applicationEventPublisher)
|
void |
setMessageSource(org.springframework.context.MessageSource messageSource)
|
void |
setProviders(List newList)
Sets the AuthenticationProvider objects to be used for authentication. |
void |
setSessionController(ConcurrentSessionController sessionController)
Set the ConcurrentSessionController to be used for limiting user's sessions. |
| Methods inherited from class org.acegisecurity.AbstractAuthenticationManager |
|---|
authenticate |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
protected org.springframework.context.support.MessageSourceAccessor messages
| Constructor Detail |
|---|
public ProviderManager()
| Method Detail |
|---|
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBeanExceptionprotected void doAddExtraDefaultExceptionMappings(Properties exceptionMappings)
exceptionMappings - the properties object, which already has entries in it
public Authentication doAuthentication(Authentication authentication)
throws AuthenticationException
Authentication object.The list of AuthenticationProviders will be successively tried until an AuthenticationProvider indicates it
is capable of authenticating the type of Authentication object passed. Authentication will then
be attempted with that AuthenticationProvider.
If more than one AuthenticationProvider supports the passed Authentication
object, only the first AuthenticationProvider tried will determine the result. No subsequent
AuthenticationProviders will be tried.
doAuthentication in class AbstractAuthenticationManagerauthentication - the authentication request object.
AuthenticationException - if authentication fails.public List getProviders()
public ConcurrentSessionController getSessionController()
ConcurrentSessionController is returned or the NullConcurrentSessionController if a specific one has not been set.
ConcurrentSessionController instancepublic void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher applicationEventPublisher)
setApplicationEventPublisher in interface org.springframework.context.ApplicationEventPublisherAwarepublic void setMessageSource(org.springframework.context.MessageSource messageSource)
setMessageSource in interface org.springframework.context.MessageSourceAwarepublic void setProviders(List newList)
AuthenticationProvider objects to be used for authentication.
newList -
IllegalArgumentException - DOCUMENT ME!public void setSessionController(ConcurrentSessionController sessionController)
ConcurrentSessionController to be used for limiting user's sessions. The NullConcurrentSessionController is used by default
sessionController - ConcurrentSessionController
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||