ProviderManager (Acegi Security System for Spring 1.0.3 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity.providers
Class ProviderManager

java.lang.Object
  org.acegisecurity.AbstractAuthenticationManager
      org.acegisecurity.providers.ProviderManager

All Implemented Interfaces:: AuthenticationManager, InitializingBean, ApplicationEventPublisherAware, MessageSourceAware

public class ProviderManager
extends AbstractAuthenticationManager
implements InitializingBean, ApplicationEventPublisherAware, MessageSourceAware
extends AbstractAuthenticationManager
implements InitializingBean, ApplicationEventPublisherAware, MessageSourceAware

Iterates an Authentication request through a list of AuthenticationProviders. Can optionally be configured with a ConcurrentSessionController to limit the number of sessions a user can have.

AuthenticationProviders are tried in order until one provides a non-null response. A non-null response indicates the provider had authority to decide on the authentication request and no further providers are tried. If an AuthenticationException is thrown by a provider, it is retained until subsequent providers are tried. If a subsequent provider successfully authenticates the request, the earlier authentication exception is disregarded and the successful authentication will be used. If no subsequent provider provides a non-null response, or a new AuthenticationException, the last AuthenticationException received will be used. If no provider returns a non-null response, or indicates it can even process an Authentication, the ProviderManager will throw a ProviderNotFoundException.

If a valid Authentication is returned by an AuthenticationProvider, the ProviderManager will publish an AuthenticationSuccessEvent. If an AuthenticationException is detected, the final AuthenticationException thrown will be used to publish an appropriate failure event. By default ProviderManager maps common exceptions to events, but this can be fine-tuned by providing a new exceptionMappingsjava.util.Properties object. In the properties object, each of the keys represent the fully qualified classname of the exception, and each of the values represent the name of an event class which subclasses AbstractAuthenticationFailureEvent and provides its constructor.

See Also:: ConcurrentSessionController

Field Summary
`protected MessageSourceAccessor`	`messages`

Constructor Summary
`ProviderManager()`

Method Summary
`void`	`afterPropertiesSet()`
`protected void`	`doAddExtraDefaultExceptionMappings(Properties exceptionMappings)` Provided so subclasses can add extra exception mappings during startup if no exception mappings are injected by the IoC container.
`Authentication`	`doAuthentication(Authentication authentication)` Attempts to authenticate the passed `Authentication` object.
`List`	`getProviders()`
`ConcurrentSessionController`	`getSessionController()` The configured `ConcurrentSessionController` is returned or the `NullConcurrentSessionController` if a specific one has not been set.
`void`	`setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher)`
`void`	`setMessageSource(MessageSource messageSource)`
`void`	`setProviders(List newList)` Sets the `AuthenticationProvider` objects to be used for authentication.
`void`	`setSessionController(ConcurrentSessionController sessionController)` Set the `ConcurrentSessionController` to be used for limiting user's sessions.

Methods inherited from class org.acegisecurity.AbstractAuthenticationManager
`authenticate`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

messages

protected MessageSourceAccessor messages

Constructor Detail