All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.acegisecurity.providers.rcp.RemoteAuthenticationProvider Maven / Gradle / Ivy

There is a newer version: 1.0.7
Show newest version
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.acegisecurity.providers.rcp;

import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.GrantedAuthority;

import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;

import org.springframework.beans.factory.InitializingBean;

import org.springframework.util.Assert;


/**
 * Client-side object which queries a  {@link RemoteAuthenticationManager} to validate an authentication request.

A * new Authentication object is created by this class comprising the request Authentication * object's principal, credentials and the GrantedAuthority[]s returned by the * RemoteAuthenticationManager.

*

The RemoteAuthenticationManager should not require any special username or password setting on * the remoting client proxy factory to execute the call. Instead the entire authentication request must be * encapsulated solely within the Authentication request object. In practical terms this means the * RemoteAuthenticationManager will not be protected by BASIC or any other HTTP-level * authentication.

*

If authentication fails, a RemoteAuthenticationException will be thrown. This exception should * be caught and displayed to the user, enabling them to retry with alternative credentials etc.

* * @author Ben Alex * @version $Id: RemoteAuthenticationProvider.java 1496 2006-05-23 13:38:33Z benalex $ */ public class RemoteAuthenticationProvider implements AuthenticationProvider, InitializingBean { //~ Instance fields ================================================================================================ private RemoteAuthenticationManager remoteAuthenticationManager; //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { Assert.notNull(this.remoteAuthenticationManager, "remoteAuthenticationManager is mandatory"); } public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = authentication.getPrincipal().toString(); String password = authentication.getCredentials().toString(); GrantedAuthority[] authorities = remoteAuthenticationManager.attemptAuthentication(username, password); return new UsernamePasswordAuthenticationToken(username, password, authorities); } public RemoteAuthenticationManager getRemoteAuthenticationManager() { return remoteAuthenticationManager; } public void setRemoteAuthenticationManager(RemoteAuthenticationManager remoteAuthenticationManager) { this.remoteAuthenticationManager = remoteAuthenticationManager; } public boolean supports(Class authentication) { return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy