org.springframework.security.access.intercept
Class RunAsImplAuthenticationProvider

java.lang.Object
  extended by org.springframework.security.access.intercept.RunAsImplAuthenticationProvider
All Implemented Interfaces:
InitializingBean, MessageSourceAware, AuthenticationProvider

public class RunAsImplAuthenticationProvider
extends Object
implements InitializingBean, AuthenticationProvider, MessageSourceAware

An AuthenticationProvider implementation that can authenticate a RunAsUserToken.

Configured in the bean context with a key that should match the key used by adapters to generate the RunAsUserToken. It treats as valid any RunAsUserToken instance presenting a hash code that matches the RunAsImplAuthenticationProvider-configured key.

If the key does not match, a BadCredentialsException is thrown.


Field Summary
protected  MessageSourceAccessor messages
           
 
Constructor Summary
RunAsImplAuthenticationProvider()
           
 
Method Summary
 void afterPropertiesSet()
           
 Authentication authenticate(Authentication authentication)
          Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication).
 String getKey()
           
 void setKey(String key)
           
 void setMessageSource(MessageSource messageSource)
           
 boolean supports(Class<? extends Object> authentication)
          Returns true if this AuthenticationProvider supports the indicated Authentication object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

messages

protected MessageSourceAccessor messages
Constructor Detail

RunAsImplAuthenticationProvider

public RunAsImplAuthenticationProvider()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

authenticate

public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException
Description copied from interface: AuthenticationProvider
Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication).

Specified by:
authenticate in interface AuthenticationProvider
Parameters:
authentication - the authentication request object.
Returns:
a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.
Throws:
AuthenticationException - if authentication fails.

getKey

public String getKey()

setKey

public void setKey(String key)

setMessageSource

public void setMessageSource(MessageSource messageSource)
Specified by:
setMessageSource in interface MessageSourceAware

supports

public boolean supports(Class<? extends Object> authentication)
Description copied from interface: AuthenticationProvider
Returns true if this AuthenticationProvider supports the indicated Authentication object.

Returning true does not guarantee an AuthenticationProvider will be able to authenticate the presented instance of the Authentication class. It simply indicates it can support closer evaluation of it. An AuthenticationProvider can still return null from the AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be tried.

Selection of an AuthenticationProvider capable of performing authentication is conducted at runtime the ProviderManager.

Specified by:
supports in interface AuthenticationProvider
Returns:
true if the implementation can more closely evaluate the Authentication class presented