DefaultJaasAuthenticationProvider

Class Overview

Creates a LoginContext using the Configuration provided to it. This allows the configuration to be injected regardless of the value of getConfiguration().

While not bound to any particular Configuration implementation, an in memory version of a JAAS configuration can be represented using InMemoryConfiguration.

The following JAAS configuration:

 SPRINGSECURITY {
    sample.SampleLoginModule required;
  };
 

Can be represented as follows:

 <bean id="jaasAuthProvider" class="org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider">
   <property name="configuration">
     <bean class="org.springframework.security.authentication.jaas.memory.InMemoryConfiguration">
       <constructor-arg>
         <map>
           <!-- SPRINGSECURITY is the default loginContextName for AbstractJaasAuthenticationProvider-->
           <entry key="SPRINGSECURITY">
             <array>
               <bean class="javax.security.auth.login.AppConfigurationEntry">
                 <constructor-arg value="sample.SampleLoginModule" />
                 <constructor-arg>
                   <util:constant static-field="javax.security.auth.login.AppConfigurationEntry$LoginModuleControlFlag.REQUIRED" />
                 </constructor-arg>
                 <constructor-arg>
                   <map></map>
                 </constructor-arg>
               </bean>
             </array>
           </entry>
         </map>
       </constructor-arg>
     </bean>
   </property>
   <property name="authorityGranters">
     <list>
       <!-- You will need to write your own implementation of AuthorityGranter -->
       <bean class="org.springframework.security.authentication.jaas.TestAuthorityGranter"/>
     </list>
   </property>
 </bean>
 

Summary

[Expand] Inherited Fields
From class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider protected final Log log

[Expand] Inherited Methods
From class org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider void afterPropertiesSet() Validates the required properties are set. Authentication authenticate(Authentication auth) Attempts to login the user given the Authentication objects principal and credential abstract LoginContext createLoginContext(CallbackHandler handler) Creates the LoginContext to be used for authentication. ApplicationEventPublisher getApplicationEventPublisher() void handleLogout(SessionDestroyedEvent event) Handles the logout by getting the security contexts for the destroyed session and invoking LoginContext.logout() for any which contain a JaasAuthenticationToken. void onApplicationEvent(SessionDestroyedEvent event) void publishFailureEvent(UsernamePasswordAuthenticationToken token, AuthenticationException ase) Publishes the JaasAuthenticationFailedEvent. void publishSuccessEvent(UsernamePasswordAuthenticationToken token) Publishes the JaasAuthenticationSuccessEvent. void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) void setAuthorityGranters(AuthorityGranter[] authorityGranters) Set the AuthorityGranters that should be consulted for role names to be granted to the Authentication. void setCallbackHandlers(JaasAuthenticationCallbackHandler[] callbackHandlers) Set the JAASAuthentcationCallbackHandler array to handle callback objects generated by the LoginContext.login method. void setLoginContextName(String loginContextName) Set the loginContextName, this name is used as the index to the configuration specified in the loginConfig property. void setLoginExceptionResolver(LoginExceptionResolver loginExceptionResolver) boolean supports(Class<?> aClass) Returns true if this AuthenticationProvider supports the indicated Authentication object.
From class java.lang.Object Object clone() boolean equals(Object arg0) void finalize() final Class<?> getClass() int hashCode() final void notify() final void notifyAll() String toString() final void wait() final void wait(long arg0, int arg1) final void wait(long arg0)
From interface org.springframework.beans.factory.InitializingBean abstract void afterPropertiesSet()
From interface org.springframework.context.ApplicationEventPublisherAware abstract void setApplicationEventPublisher(ApplicationEventPublisher arg0)
From interface org.springframework.security.authentication.AuthenticationProvider abstract Authentication authenticate(Authentication authentication) Performs authentication with the same contract as authenticate(Authentication). abstract boolean supports(Class<?> authentication) Returns true if this AuthenticationProvider supports the indicated Authentication object.