org.acegisecurity.providers.siteminder
Class SiteminderAuthenticationProvider

java.lang.Object
  extended by org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
      extended by org.acegisecurity.providers.siteminder.SiteminderAuthenticationProvider
All Implemented Interfaces:
AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

public class SiteminderAuthenticationProvider
extends AbstractUserDetailsAuthenticationProvider

An AuthenticationProvider implementation that retrieves user details from an UserDetailsService.

Version:
$Id: SiteminderAuthenticationProvider.java 1582 2006-07-15 15:18:51Z smccrory $
Author:
Scott McCrory

Field Summary
 
Fields inherited from class org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
hideUserNotFoundExceptions, messages
 
Constructor Summary
SiteminderAuthenticationProvider()
           
 
Method Summary
protected  void additionalAuthenticationChecks(UserDetails user, UsernamePasswordAuthenticationToken authentication)
          Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request.
protected  void doAfterPropertiesSet()
           
 UserDetailsService getUserDetailsService()
          Return the user details service.
protected  UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
          Allows subclasses to actually retrieve the UserDetails from an implementation-specific location, with the option of throwing an AuthenticationException immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate a UserDetails).
 void setUserDetailsService(UserDetailsService userDetailsService)
          Sets the user details service.
 
Methods inherited from class org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
afterPropertiesSet, authenticate, createSuccessAuthentication, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache, supports
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SiteminderAuthenticationProvider

public SiteminderAuthenticationProvider()
Method Detail

additionalAuthenticationChecks

protected void additionalAuthenticationChecks(UserDetails user,
                                              UsernamePasswordAuthenticationToken authentication)
                                       throws AuthenticationException
Description copied from class: AbstractUserDetailsAuthenticationProvider
Allows subclasses to perform any additional checks of a returned (or cached) UserDetails for a given authentication request. Generally a subclass will at least compare the Authentication.getCredentials() with a UserDetails.getPassword(). If custom logic is needed to compare additional properties of UserDetails and/or UsernamePasswordAuthenticationToken, these should also appear in this method.

Specified by:
additionalAuthenticationChecks in class AbstractUserDetailsAuthenticationProvider
Parameters:
user - as retrieved from the AbstractUserDetailsAuthenticationProvider.retrieveUser(String, UsernamePasswordAuthenticationToken) or UserCache
authentication - the current request that needs to be authenticated
Throws:
AuthenticationException - AuthenticationException if the credentials could not be validated (generally a BadCredentialsException, an AuthenticationServiceException)
See Also:
AbstractUserDetailsAuthenticationProvider.additionalAuthenticationChecks(org.acegisecurity.userdetails.UserDetails, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)

doAfterPropertiesSet

protected void doAfterPropertiesSet()
                             throws Exception
Overrides:
doAfterPropertiesSet in class AbstractUserDetailsAuthenticationProvider
Throws:
Exception
See Also:
AbstractUserDetailsAuthenticationProvider.doAfterPropertiesSet()

getUserDetailsService

public UserDetailsService getUserDetailsService()
Return the user details service.

Returns:
The user details service.

retrieveUser

protected final UserDetails retrieveUser(String username,
                                         UsernamePasswordAuthenticationToken authentication)
                                  throws AuthenticationException
Description copied from class: AbstractUserDetailsAuthenticationProvider
Allows subclasses to actually retrieve the UserDetails from an implementation-specific location, with the option of throwing an AuthenticationException immediately if the presented credentials are incorrect (this is especially useful if it is necessary to bind to a resource as the user in order to obtain or generate a UserDetails).

Subclasses are not required to perform any caching, as the AbstractUserDetailsAuthenticationProvider will by default cache the UserDetails. The caching of UserDetails does present additional complexity as this means subsequent requests that rely on the cache will need to still have their credentials validated, even if the correctness of credentials was assured by subclasses adopting a binding-based strategy in this method. Accordingly it is important that subclasses either disable caching (if they want to ensure that this method is the only method that is capable of authenticating a request, as no UserDetails will ever be cached) or ensure subclasses implement AbstractUserDetailsAuthenticationProvider.additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) to compare the credentials of a cached UserDetails with subsequent authentication requests.

Most of the time subclasses will not perform credentials inspection in this method, instead performing it in AbstractUserDetailsAuthenticationProvider.additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken) so that code related to credentials validation need not be duplicated across two methods.

Specified by:
retrieveUser in class AbstractUserDetailsAuthenticationProvider
Parameters:
username - The username to retrieve
authentication - The authentication request, which subclasses may need to perform a binding-based retrieval of the UserDetails
Returns:
the user information (never null - instead an exception should the thrown)
Throws:
AuthenticationException - if the credentials could not be validated (generally a BadCredentialsException, an AuthenticationServiceException or UsernameNotFoundException)
See Also:
AbstractUserDetailsAuthenticationProvider.retrieveUser(java.lang.String, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)

setUserDetailsService

public void setUserDetailsService(UserDetailsService userDetailsService)
Sets the user details service.

Parameters:
userDetailsService - The user details service.


Copyright © 2004-2011 Interface21, Inc. All Rights Reserved.