Class AbstractLdapAuthenticationProvider
java.lang.Object
org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.context.MessageSourceAware
,org.springframework.security.authentication.AuthenticationProvider
- Direct Known Subclasses:
ActiveDirectoryLdapAuthenticationProvider
,LdapAuthenticationProvider
public abstract class AbstractLdapAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.context.MessageSourceAware
Base class for the standard
LdapAuthenticationProvider
and the
ActiveDirectoryLdapAuthenticationProvider
.- Since:
- 3.1
-
Field Summary
Modifier and TypeFieldDescriptionprotected final org.apache.commons.logging.Log
protected org.springframework.context.support.MessageSourceAccessor
protected UserDetailsContextMapper
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) protected org.springframework.security.core.Authentication
createSuccessfulAuthentication
(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication, org.springframework.security.core.userdetails.UserDetails user) Creates the finalAuthentication
object which will be returned from theauthenticate
method.protected abstract org.springframework.ldap.core.DirContextOperations
doAuthentication
(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth) protected UserDetailsContextMapper
Provides access to the injectedUserDetailsContextMapper
strategy for use by subclasses.protected abstract Collection<? extends org.springframework.security.core.GrantedAuthority>
loadUserAuthorities
(org.springframework.ldap.core.DirContextOperations userData, String username, String password) void
setAuthoritiesMapper
(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper) Sets theGrantedAuthoritiesMapper
used for converting the authorities loaded from storage to a new set of authorities which will be associated to theUsernamePasswordAuthenticationToken
.void
setMessageSource
(org.springframework.context.MessageSource messageSource) void
setUseAuthenticationRequestCredentials
(boolean useAuthenticationRequestCredentials) Determines whether the supplied password will be used as the credentials in the successful authentication token.void
setUserDetailsContextMapper
(UserDetailsContextMapper userDetailsContextMapper) Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by thecreateSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails)
method.boolean
-
Field Details
-
logger
protected final org.apache.commons.logging.Log logger -
messages
protected org.springframework.context.support.MessageSourceAccessor messages -
userDetailsContextMapper
-
-
Constructor Details
-
AbstractLdapAuthenticationProvider
public AbstractLdapAuthenticationProvider()
-
-
Method Details
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
doAuthentication
protected abstract org.springframework.ldap.core.DirContextOperations doAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth) -
loadUserAuthorities
protected abstract Collection<? extends org.springframework.security.core.GrantedAuthority> loadUserAuthorities(org.springframework.ldap.core.DirContextOperations userData, String username, String password) -
createSuccessfulAuthentication
protected org.springframework.security.core.Authentication createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication, org.springframework.security.core.userdetails.UserDetails user) Creates the finalAuthentication
object which will be returned from theauthenticate
method.- Parameters:
authentication
- the original authentication request tokenuser
- the UserDetails instance returned by the configured UserDetailsContextMapper.- Returns:
- the Authentication object for the fully authenticated user.
-
supports
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-
setUseAuthenticationRequestCredentials
public void setUseAuthenticationRequestCredentials(boolean useAuthenticationRequestCredentials) Determines whether the supplied password will be used as the credentials in the successful authentication token. If set to false, then the password will be obtained from the UserDetails object created by the configuredUserDetailsContextMapper
. Often it will not be possible to read the password from the directory, so defaults to true.- Parameters:
useAuthenticationRequestCredentials
-
-
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource) - Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
-
setAuthoritiesMapper
public void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper) Sets theGrantedAuthoritiesMapper
used for converting the authorities loaded from storage to a new set of authorities which will be associated to theUsernamePasswordAuthenticationToken
. If not set, defaults to aNullAuthoritiesMapper
.- Parameters:
authoritiesMapper
- theGrantedAuthoritiesMapper
used for mapping the user's authorities
-
setUserDetailsContextMapper
Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by thecreateSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails)
method.- Parameters:
userDetailsContextMapper
- the strategy instance. If not set, defaults to a simple LdapUserDetailsMapper.
-
getUserDetailsContextMapper
Provides access to the injectedUserDetailsContextMapper
strategy for use by subclasses.
-