io.oasp.module.security.common.base.accesscontrol

Class SimpleAccessControlBasedAuthenticationProvider

java.lang.Object

org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

io.oasp.module.security.common.base.accesscontrol.AbstractAccessControlBasedAuthenticationProvider<org.springframework.security.core.userdetails.User,Principal>

io.oasp.module.security.common.base.accesscontrol.SimpleAccessControlBasedAuthenticationProvider

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

public class SimpleAccessControlBasedAuthenticationProvider
extends AbstractAccessControlBasedAuthenticationProvider<org.springframework.security.core.userdetails.User,Principal>

This is a simple implementation of AbstractAccessControlBasedAuthenticationProvider.

Author:

hohwille

Field Summary

Fields inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

hideUserNotFoundExceptions, logger, messages

Constructor Summary

Constructors

Constructor and Description
SimpleAccessControlBasedAuthenticationProvider() The constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected org.springframework.security.core.userdetails.User	createUser(String username, String password, Principal principal, Set<org.springframework.security.core.GrantedAuthority> authorities) Creates an instance of UserDetails that represent the user with the given username.
protected Principal	retrievePrincipal(String username, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) Retrieves the internal Principal object representing the user.

Methods inherited from class io.oasp.module.security.common.base.accesscontrol.AbstractAccessControlBasedAuthenticationProvider

additionalAuthenticationChecks, retrieveUser, setAccessControlProvider, setPrincipalAccessControlProvider

Methods inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

afterPropertiesSet, authenticate, createSuccessAuthentication, doAfterPropertiesSet, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache, supports

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SimpleAccessControlBasedAuthenticationProvider

public SimpleAccessControlBasedAuthenticationProvider()

The constructor.

Method Detail

createUser

protected org.springframework.security.core.userdetails.User createUser(String username,
                                                            String password,
                                                            Principal principal,
                                                            Set<org.springframework.security.core.GrantedAuthority> authorities)

Description copied from class: AbstractAccessControlBasedAuthenticationProvider

Creates an instance of UserDetails that represent the user with the given username.

Specified by:

createUser in class AbstractAccessControlBasedAuthenticationProvider<org.springframework.security.core.userdetails.User,Principal>

Parameters:

username - is the login of the user to create.

password - the password of the user.

principal - is the internal Principal that has been provided by AbstractAccessControlBasedAuthenticationProvider.retrievePrincipal(String, UsernamePasswordAuthenticationToken).

authorities - are the granted authorities or in other words the permissions of the user.

Returns:

the new user object.

retrievePrincipal

protected Principal retrievePrincipal(String username,
                          org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)

Description copied from class: AbstractAccessControlBasedAuthenticationProvider

Retrieves the internal Principal object representing the user. This can be any object implementing Principal and can contain additional user details such as profile data. This object is used to retrieve the (top-level) AccessControls that have been granted to the user.

Specified by:

retrievePrincipal in class AbstractAccessControlBasedAuthenticationProvider<org.springframework.security.core.userdetails.User,Principal>

Parameters:

username - is the login of the user.

authentication - is the UsernamePasswordAuthenticationToken.

Returns:

the Principal.