CasAuthenticationProvider
extends Objectimplements InitializingBean MessageSourceAware AuthenticationProvider
| java.lang.Object | |
| ↳ | org.springframework.security.cas.authentication.CasAuthenticationProvider |
Class Overview
An AuthenticationProvider implementation that integrates with JA-SIG Central Authentication Service
(CAS).
This AuthenticationProvider is capable of validating UsernamePasswordAuthenticationToken
requests which contain a principal name equal to either
CAS_STATEFUL_IDENTIFIER or CAS_STATELESS_IDENTIFIER.
It can also validate a previously created CasAuthenticationToken.
Summary
| Fields | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| messages | |||||||||||
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Performs authentication with the same contract as
authenticate(Authentication). | |||||||||||
Returns
true if this AuthenticationProvider supports the indicated
Authentication object. | |||||||||||
| Protected Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Template method for retrieving the UserDetails based on the assertion.
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
|
From interface
org.springframework.beans.factory.InitializingBean
| |||||||||||
|
From interface
org.springframework.context.MessageSourceAware
| |||||||||||
|
From interface
org.springframework.security.authentication.AuthenticationProvider
| |||||||||||
Fields
protected MessageSourceAccessor messages
Public Constructors
public CasAuthenticationProvider ()
Public Methods
public Authentication authenticate (Authentication authentication)
Performs authentication with the same contract as authenticate(Authentication).
Parameters
| authentication | the authentication request object. |
|---|
Returns
- a fully authenticated object including credentials. May return
nullif theAuthenticationProvideris unable to support authentication of the passedAuthenticationobject. In such a case, the nextAuthenticationProviderthat supports the presentedAuthenticationclass will be tried.
Throws
| AuthenticationException |
|---|
public void setAuthenticationUserDetailsService (AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService)
public void setMessageSource (MessageSource messageSource)
public void setTicketValidator (TicketValidator ticketValidator)
public boolean supports (Class<?> authentication)
Returns true if this AuthenticationProvider supports the indicated
Authentication object.
Returning true does not guarantee an AuthenticationProvider will be able to
authenticate the presented instance of the Authentication class. It simply indicates it can support
closer evaluation of it. An AuthenticationProvider can still return null from the
authenticate(Authentication) method to indicate another AuthenticationProvider should be
tried.
Selection of an AuthenticationProvider capable of performing authentication is
conducted at runtime the ProviderManager.
Returns
trueif the implementation can more closely evaluate theAuthenticationclass presented
Protected Methods
protected TicketValidator getTicketValidator ()
protected UserDetails loadUserByAssertion (Assertion assertion)
Template method for retrieving the UserDetails based on the assertion. Default is to call configured userDetailsService and pass the username. Deployers can override this method and retrieve the user based on any criteria they desire.
Parameters
| assertion | The CAS Assertion. |
|---|
Returns
- the UserDetails.