public class CoreAuthenticationProvider
extends java.lang.Object
AuthenticationProvider which is designed to respond to UsernamePasswordAuthenticationToken and
RememberMeAuthenticationToken authentication requests.
Upon successful validation, a UsernamePasswordAuthenticationToken or
RememberMeAuthenticationToken will be created and returned to the caller. The token will include as its
principal either a String representation of the username, or the CoreUserDetails that was
returned from the authentication repository. Using String is appropriate if a container adapter is being
used, as it expects String representations of the username. Using CoreUserDetails is
appropriate if you require access to additional properties of the authenticated user, such as email addresses,
human-friendly names etc. As container adapters are not recommended to be used, and CoreUserDetails
implementations provide additional flexibility, by default a CoreUserDetails is returned.
| Modifier and Type | Class and Description |
|---|---|
static class |
CoreAuthenticationProvider.CoreAuthenticationException |
| Modifier and Type | Field and Description |
|---|---|
protected MessageSourceAccessor |
messages |
| Constructor and Description |
|---|
CoreAuthenticationProvider() |
| Modifier and Type | Method and Description |
|---|---|
protected void |
additionalAuthenticationChecks(UserDetails details,
AbstractAuthenticationToken authentication) |
void |
afterPropertiesSet() |
Authentication |
authenticate(Authentication authentication) |
protected Authentication |
createSuccessAuthentication(Authentication authentication,
UserDetails user)
Creates a successful
Authentication object. |
UserDetailsChecker |
getPreAuthenticationChecks() |
UserDetailsService |
getUserDetailsService() |
protected UserDetails |
retrieveUser(java.lang.String username) |
void |
setMessageSource(MessageSource messageSource) |
void |
setPreAuthenticationChecks(UserDetailsChecker preAuthenticationChecks) |
void |
setUserDetailsService(UserDetailsService userDetailsService) |
boolean |
supports(java.lang.Class authentication) |
public void setMessageSource(MessageSource messageSource)
public final void afterPropertiesSet()
throws java.lang.Exception
java.lang.Exceptionpublic void setPreAuthenticationChecks(UserDetailsChecker preAuthenticationChecks)
public UserDetailsChecker getPreAuthenticationChecks()
public Authentication authenticate(Authentication authentication)
throws AuthenticationException
AuthenticationExceptionpublic UserDetailsService getUserDetailsService()
public void setUserDetailsService(UserDetailsService userDetailsService)
protected void additionalAuthenticationChecks(UserDetails details,
AbstractAuthenticationToken authentication)
throws AuthenticationException
AuthenticationExceptionpublic boolean supports(java.lang.Class authentication)
protected final UserDetails retrieveUser(java.lang.String username)
throws AuthenticationException
AuthenticationExceptionprotected Authentication createSuccessAuthentication(Authentication authentication,
UserDetails user)
Authentication object.
Protected so subclasses can override.
Subclasses will usually store the original credentials the user supplied (not salted or encoded passwords) in the
returned Authentication object.
authentication - that was presented to the provider for validationuser - that was loaded by the implementationCopyright © 2018 SAP SE. All Rights Reserved.