AuthenticationTrustResolver
| org.springframework.security.authentication.AuthenticationTrustResolver |
 Known Indirect Subclasses
|
Class Overview
Evaluates Authentication tokens
Summary
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Indicates whether the passed
Authentication token represents an anonymous user. | |||||||||||
Indicates whether the passed
Authentication token represents user that has been remembered
(i.e. | |||||||||||
Public Methods
public abstract boolean isAnonymous (Authentication authentication)
Indicates whether the passed Authentication token represents an anonymous user. Typically
the framework will call this method if it is trying to decide whether an AccessDeniedException
should result in a final rejection (i.e. as would be the case if the principal was non-anonymous/fully
authenticated) or direct the principal to attempt actual authentication (i.e. as would be the case if the
Authentication was merely anonymous).
Parameters
| authentication | to test (may be null in which case the method will always return
false) |
|---|
Returns
truethe passed authentication token represented an anonymous principal,falseotherwise
public abstract boolean isRememberMe (Authentication authentication)
Indicates whether the passed Authentication token represents user that has been remembered
(i.e. not a user that has been fully authenticated).
The method is provided to assist with custom AccessDecisionVoters and the like that you
might develop. Of course, you don't need to use this method either and can develop your own "trust level"
hierarchy instead.
Parameters
| authentication | to test (may be null in which case the method will always return
false) |
|---|
Returns
truethe passed authentication token represented a principal authenticated using a remember-me token,falseotherwise