spring-security-ldap

org.springframework.security.ldap.authentication
Class AbstractLdapAuthenticationProvider

java.lang.Object
  extended by org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
All Implemented Interfaces:
MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider
Direct Known Subclasses:
ActiveDirectoryLdapAuthenticationProvider, LdapAuthenticationProvider

public abstract class AbstractLdapAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider, MessageSourceAware

Base class for the standard LdapAuthenticationProvider and the ActiveDirectoryLdapAuthenticationProvider.

Since:
3.1
Author:
Luke Taylor

Field Summary
protected  org.apache.commons.logging.Log logger
           
protected  MessageSourceAccessor messages
           
protected  UserDetailsContextMapper userDetailsContextMapper
           
 
Constructor Summary
AbstractLdapAuthenticationProvider()
           
 
Method Summary
 org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
           
protected  org.springframework.security.core.Authentication createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication, org.springframework.security.core.userdetails.UserDetails user)
          Creates the final Authentication object which will be returned from the authenticate method.
protected abstract  DirContextOperations doAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth)
           
protected  UserDetailsContextMapper getUserDetailsContextMapper()
          Provides access to the injected UserDetailsContextMapper strategy for use by subclasses.
protected abstract  Collection<? extends org.springframework.security.core.GrantedAuthority> loadUserAuthorities(DirContextOperations userData, String username, String password)
           
 void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)
           
 void setMessageSource(MessageSource messageSource)
           
 void setUseAuthenticationRequestCredentials(boolean useAuthenticationRequestCredentials)
          Determines whether the supplied password will be used as the credentials in the successful authentication token.
 void setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
          Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by the createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails) method.
 boolean supports(Class<?> authentication)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final org.apache.commons.logging.Log logger

messages

protected MessageSourceAccessor messages

userDetailsContextMapper

protected UserDetailsContextMapper userDetailsContextMapper
Constructor Detail

AbstractLdapAuthenticationProvider

public AbstractLdapAuthenticationProvider()
Method Detail

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException
Specified by:
authenticate in interface org.springframework.security.authentication.AuthenticationProvider
Throws:
org.springframework.security.core.AuthenticationException

doAuthentication

protected abstract DirContextOperations doAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken auth)

loadUserAuthorities

protected abstract Collection<? extends org.springframework.security.core.GrantedAuthority> loadUserAuthorities(DirContextOperations userData,
                                                                                                                String username,
                                                                                                                String password)

createSuccessfulAuthentication

protected org.springframework.security.core.Authentication createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication,
                                                                                          org.springframework.security.core.userdetails.UserDetails user)
Creates the final Authentication object which will be returned from the authenticate method.

Parameters:
authentication - the original authentication request token
user - the UserDetails instance returned by the configured UserDetailsContextMapper.
Returns:
the Authentication object for the fully authenticated user.

supports

public boolean supports(Class<?> authentication)
Specified by:
supports in interface org.springframework.security.authentication.AuthenticationProvider

setUseAuthenticationRequestCredentials

public void setUseAuthenticationRequestCredentials(boolean useAuthenticationRequestCredentials)
Determines whether the supplied password will be used as the credentials in the successful authentication token. If set to false, then the password will be obtained from the UserDetails object created by the configured UserDetailsContextMapper. Often it will not be possible to read the password from the directory, so defaults to true.

Parameters:
useAuthenticationRequestCredentials -

setMessageSource

public void setMessageSource(MessageSource messageSource)
Specified by:
setMessageSource in interface MessageSourceAware

setAuthoritiesMapper

public void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)

setUserDetailsContextMapper

public void setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper)
Allows a custom strategy to be used for creating the UserDetails which will be stored as the principal in the Authentication returned by the createSuccessfulAuthentication(org.springframework.security.authentication.UsernamePasswordAuthenticationToken, org.springframework.security.core.userdetails.UserDetails) method.

Parameters:
userDetailsContextMapper - the strategy instance. If not set, defaults to a simple LdapUserDetailsMapper.

getUserDetailsContextMapper

protected UserDetailsContextMapper getUserDetailsContextMapper()
Provides access to the injected UserDetailsContextMapper strategy for use by subclasses.


spring-security-ldap