1 package org.springframework.security.providers.preauth;
2
3 import org.springframework.security.providers.AbstractAuthenticationToken;
4 import org.springframework.security.GrantedAuthority;
5
6
7 /**
8 * {@link org.springframework.security.Authentication} implementation for pre-authenticated
9 * authentication.
10 *
11 * @author Ruud Senden
12 * @since 2.0
13 */
14 public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationToken {
15 private Object principal;
16
17 private Object credentials;
18
19 /**
20 * Constructor used for an authentication request. The {@link
21 * org.springframework.security.Authentication#isAuthenticated()} will return
22 * <code>false</code>.
23 *
24 * @TODO Should we have only a single credentials parameter here? For
25 * example for X509 the certificate is used as credentials, while
26 * currently a J2EE username is specified as a principal but could as
27 * well be set as credentials.
28 *
29 * @param aPrincipal
30 * The pre-authenticated principal
31 * @param aCredentials
32 * The pre-authenticated credentials
33 */
34 public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials) {
35 super(null);
36 this.principal = aPrincipal;
37 this.credentials = aCredentials;
38 }
39
40 /**
41 * Constructor used for an authentication response. The {@link
42 * org.springframework.security.Authentication#isAuthenticated()} will return
43 * <code>true</code>.
44 *
45 * @param aPrincipal
46 * The authenticated principal
47 * @param anAuthorities
48 * The granted authorities
49 */
50 public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, GrantedAuthority[] anAuthorities) {
51 super(anAuthorities);
52 this.principal = aPrincipal;
53 this.credentials = aCredentials;
54 setAuthenticated(true);
55 }
56
57 /**
58 * Get the credentials
59 */
60 public Object getCredentials() {
61 return this.credentials;
62 }
63
64 /**
65 * Get the principal
66 */
67 public Object getPrincipal() {
68 return this.principal;
69 }
70
71 }