Package org.springframework.security.web.authentication.preauth

Class PreAuthenticatedAuthenticationProvider

  • All Implemented Interfaces:
    org.springframework.beans.factory.InitializingBean, org.springframework.core.Ordered, org.springframework.security.authentication.AuthenticationProvider
    public class PreAuthenticatedAuthenticationProvider
extends java.lang.Object
implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.core.Ordered

    Processes a pre-authenticated authentication request. The request will typically originate from a AbstractPreAuthenticatedProcessingFilter subclass.

    This authentication provider will not perform any checks on authentication requests, as they should already be pre-authenticated. However, the AuthenticationUserDetailsService implementation may still throw a UsernameNotFoundException, for example.

    Since:
    2.0

    • Field Summary

      • Fields inherited from interface org.springframework.core.Ordered

        HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void afterPropertiesSet()
      Check whether all required properties have been set.
      org.springframework.security.core.Authentication authenticate​(org.springframework.security.core.Authentication authentication)
      Authenticate the given PreAuthenticatedAuthenticationToken.
      int getOrder()  
      void setOrder​(int i)  
      void setPreAuthenticatedUserDetailsService​(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> uds)
      Set the AuthenticatedUserDetailsService to be used to load the UserDetails for the authenticated user.
      void setThrowExceptionWhenTokenRejected​(boolean throwExceptionWhenTokenRejected)
      If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials).
      void setUserDetailsChecker​(org.springframework.security.core.userdetails.UserDetailsChecker userDetailsChecker)
      Sets the strategy which will be used to validate the loaded UserDetails object for the user.
      boolean supports​(java.lang.Class<?> authentication)
      Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • PreAuthenticatedAuthenticationProvider

        public PreAuthenticatedAuthenticationProvider()

    • Method Detail

      • afterPropertiesSet

        public void afterPropertiesSet()
        Check whether all required properties have been set.
        Specified by:
        afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

      • authenticate

        public org.springframework.security.core.Authentication authenticate​(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException
        Authenticate the given PreAuthenticatedAuthenticationToken.

        If the principal contained in the authentication object is null, the request will be ignored to allow other providers to authenticate it.

        Specified by:
        authenticate in interface org.springframework.security.authentication.AuthenticationProvider
        Throws:
        org.springframework.security.core.AuthenticationException

      • supports

        public final boolean supports​(java.lang.Class<?> authentication)
        Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
        Specified by:
        supports in interface org.springframework.security.authentication.AuthenticationProvider

      • setPreAuthenticatedUserDetailsService

        public void setPreAuthenticatedUserDetailsService​(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> uds)
        Set the AuthenticatedUserDetailsService to be used to load the UserDetails for the authenticated user.
        Parameters:
        uds -

      • setThrowExceptionWhenTokenRejected

        public void setThrowExceptionWhenTokenRejected​(boolean throwExceptionWhenTokenRejected)
        If true, causes the provider to throw a BadCredentialsException if the presented authentication request is invalid (contains a null principal or credentials). Otherwise it will just return null. Defaults to false.

      • setUserDetailsChecker

        public void setUserDetailsChecker​(org.springframework.security.core.userdetails.UserDetailsChecker userDetailsChecker)
        Sets the strategy which will be used to validate the loaded UserDetails object for the user. Defaults to an AccountStatusUserDetailsChecker.
        Parameters:
        userDetailsChecker -

      • getOrder

        public int getOrder()
        Specified by:
        getOrder in interface org.springframework.core.Ordered

      • setOrder

        public void setOrder​(int i)