org.acegisecurity.providers.x509
Class X509AuthenticationProvider

java.lang.Object
  extended by org.acegisecurity.providers.x509.X509AuthenticationProvider
All Implemented Interfaces:
AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

public class X509AuthenticationProvider
extends Object
implements AuthenticationProvider, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

Processes an X.509 authentication request.

The request will typically originate from X509ProcessingFilter).

Version:
$Id: X509AuthenticationProvider.java 1948 2007-08-25 00:15:30Z benalex $
Author:
Luke Taylor

Field Summary
protected  org.springframework.context.support.MessageSourceAccessor messages
           
 
Constructor Summary
X509AuthenticationProvider()
           
 
Method Summary
 void afterPropertiesSet()
           
 Authentication authenticate(Authentication authentication)
          If the supplied authentication token contains a certificate then this will be passed to the configured X509AuthoritiesPopulator to obtain the user details and authorities for the user identified by the certificate.
 void setMessageSource(org.springframework.context.MessageSource messageSource)
           
 void setX509AuthoritiesPopulator(X509AuthoritiesPopulator x509AuthoritiesPopulator)
           
 void setX509UserCache(X509UserCache cache)
           
 boolean supports(Class authentication)
          Returns true if this AuthenticationProvider supports the indicated Authentication object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

messages

protected org.springframework.context.support.MessageSourceAccessor messages
Constructor Detail

X509AuthenticationProvider

public X509AuthenticationProvider()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
Exception

authenticate

public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException
If the supplied authentication token contains a certificate then this will be passed to the configured X509AuthoritiesPopulator to obtain the user details and authorities for the user identified by the certificate.

If no certificate is present (for example, if the filter is applied to an HttpRequest for which client authentication hasn't been configured in the container) then a BadCredentialsException will be raised.

Specified by:
authenticate in interface AuthenticationProvider
Parameters:
authentication - the authentication request.
Returns:
an X509AuthenticationToken containing the authorities of the principal represented by the certificate.
Throws:
AuthenticationException - if the X509AuthoritiesPopulator rejects the certficate.
BadCredentialsException - if no certificate was presented in the authentication request.

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)
Specified by:
setMessageSource in interface org.springframework.context.MessageSourceAware

setX509AuthoritiesPopulator

public void setX509AuthoritiesPopulator(X509AuthoritiesPopulator x509AuthoritiesPopulator)

setX509UserCache

public void setX509UserCache(X509UserCache cache)

supports

public boolean supports(Class authentication)
Description copied from interface: AuthenticationProvider
Returns true if this AuthenticationProvider supports the indicated Authentication object.

Returning true does not guarantee an AuthenticationProvider will be able to authenticate the presented instance of the Authentication class. It simply indicates it can support closer evaluation of it. An AuthenticationProvider can still return null from the AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be tried.

Selection of an AuthenticationProvider capable of performing authentication is conducted at runtime the ProviderManager.

Specified by:
supports in interface AuthenticationProvider
Parameters:
authentication - DOCUMENT ME!
Returns:
true if the implementation can more closely evaluate the Authentication class presented


Copyright © 2004-2009 Interface21, Inc. All Rights Reserved.