Class AbstractLdapAuthenticationProvider
- java.lang.Object
-
- org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
-
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.context.MessageSourceAware
,org.springframework.security.authentication.AuthenticationProvider
- Direct Known Subclasses:
ActiveDirectoryLdapAuthenticationProvider
,LdapAuthenticationProvider
public abstract class AbstractLdapAuthenticationProvider extends java.lang.Object implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.context.MessageSourceAware
Base class for the standardLdapAuthenticationProvider
and theActiveDirectoryLdapAuthenticationProvider
.- Since:
- 3.1
-
-
Field Summary
Fields Modifier and Type Field Description protected org.apache.commons.logging.Log
logger
protected org.springframework.context.support.MessageSourceAccessor
messages
protected UserDetailsContextMapper
userDetailsContextMapper
-
Constructor Summary
Constructors Constructor Description AbstractLdapAuthenticationProvider()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description org.springframework.security.core.Authentication
authenticate(org.springframework.security.core.Authentication authentication)
protected org.springframework.security.core.Authentication
createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication, org.springframework.security.core.userdetails.UserDetails user)
Creates the finalAuthentication
object which will be returned from theauthenticate
method.protected abstract org.springframework.ldap.core.DirContextOperations
doAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth)
protected UserDetailsContextMapper
getUserDetailsContextMapper()
Provides access to the injectedUserDetailsContextMapper
strategy for use by subclasses.protected abstract java.util.Collection<? extends org.springframework.security.core.GrantedAuthority>
loadUserAuthorities(org.springframework.ldap.core.DirContextOperations userData, java.lang.String username, java.lang.String password)
void
setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)
Sets theGrantedAuthoritiesMapper
used for converting the authorities loaded from storage to a new set of authorities which will be associated to theUsernamePasswordAuthenticationToken
.void
setMessageSource(org.springframework.context.MessageSource messageSource)
void
setUseAuthenticationRequestCredentials(boolean useAuthenticationRequestCredentials)
Determines whether the supplied password will be used as the credentials in the successful authentication token.void
setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by thecreateSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails)
method.boolean
supports(java.lang.Class<?> authentication)
-
-
-
Field Detail
-
logger
protected final org.apache.commons.logging.Log logger
-
messages
protected org.springframework.context.support.MessageSourceAccessor messages
-
userDetailsContextMapper
protected UserDetailsContextMapper userDetailsContextMapper
-
-
Method Detail
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
- Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
doAuthentication
protected abstract org.springframework.ldap.core.DirContextOperations doAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth)
-
loadUserAuthorities
protected abstract java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> loadUserAuthorities(org.springframework.ldap.core.DirContextOperations userData, java.lang.String username, java.lang.String password)
-
createSuccessfulAuthentication
protected org.springframework.security.core.Authentication createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication, org.springframework.security.core.userdetails.UserDetails user)
Creates the finalAuthentication
object which will be returned from theauthenticate
method.- Parameters:
authentication
- the original authentication request tokenuser
- the UserDetails instance returned by the configured UserDetailsContextMapper.- Returns:
- the Authentication object for the fully authenticated user.
-
supports
public boolean supports(java.lang.Class<?> authentication)
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-
setUseAuthenticationRequestCredentials
public void setUseAuthenticationRequestCredentials(boolean useAuthenticationRequestCredentials)
Determines whether the supplied password will be used as the credentials in the successful authentication token. If set to false, then the password will be obtained from the UserDetails object created by the configuredUserDetailsContextMapper
. Often it will not be possible to read the password from the directory, so defaults to true.- Parameters:
useAuthenticationRequestCredentials
-
-
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource)
- Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
-
setAuthoritiesMapper
public void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)
Sets theGrantedAuthoritiesMapper
used for converting the authorities loaded from storage to a new set of authorities which will be associated to theUsernamePasswordAuthenticationToken
. If not set, defaults to aNullAuthoritiesMapper
.- Parameters:
authoritiesMapper
- theGrantedAuthoritiesMapper
used for mapping the user's authorities
-
setUserDetailsContextMapper
public void setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by thecreateSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails)
method.- Parameters:
userDetailsContextMapper
- the strategy instance. If not set, defaults to a simple LdapUserDetailsMapper.
-
getUserDetailsContextMapper
protected UserDetailsContextMapper getUserDetailsContextMapper()
Provides access to the injectedUserDetailsContextMapper
strategy for use by subclasses.
-
-