Package ch.tocco.nice2.security.impl.auth

Class HandlerAuthenticator

java.lang.Object

ch.tocco.nice2.security.impl.auth.HandlerAuthenticator

All Implemented Interfaces:

Authenticator

@Component
public class HandlerAuthenticator
extends Object
implements Authenticator

Strategy of Authenticator using a contributed list of AuthenticationHandlers that are asked to vote for the passed credentials. If authentication fails for all AuthenticationHandlers an exception is thrown to indicate authentication failure. If the state ImmutableChallenge.State.SUCCESS results after all AuthenticationHandlers have been asked, the principal is returned that was set by one of the AuthenticationHandlers ("last one wins"). The state ImmutableChallenge.State.CANCELLED is used to immediately abort the authentication process throwing an AuthenticationCancelledException.

Constructor Summary

Constructors

Constructor	Description
HandlerAuthenticator(org.slf4j.Logger log, org.springframework.context.ApplicationEventPublisher eventPublisher)

Method Summary

Modifier and Type	Method	Description
AuthenticationResult	authenticate(List<Credentials> credentials, @Nullable String requestUri)	Attempts to authenticates a subject using the supplied Credentialss.
void	setAuthenticationHandlers(List<AuthenticationHandler> authenticationHandlers)
void	setCredentials(List<Credentials> credentials, Credentials newCredentials)	Sets new credentials for the principal that is retrieved from the list of credentials.
void	setLoginFailureDelayMinimumInMs(int loginFailureDelayMinimumInMs)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

HandlerAuthenticator

public HandlerAuthenticator(org.slf4j.Logger log,
 org.springframework.context.ApplicationEventPublisher eventPublisher)

Method Details

setLoginFailureDelayMinimumInMs

@Value("${security.loginFailureDelayMinimumInMs}")
public void setLoginFailureDelayMinimumInMs(int loginFailureDelayMinimumInMs)

authenticate

public AuthenticationResult authenticate(List<Credentials> credentials,
 @Nullable
 @Nullable String requestUri)
                                  throws AuthenticationFailedException

Description copied from interface: Authenticator

Attempts to authenticates a subject using the supplied Credentialss. If authentication is successful a fully populated Principal is returned (with all authorized roles).

If authentication fails an exception is thrown which may hold more information about the cause. This may be used to inform the user about locked accounts or expired passwords, but may not be populated at all.

Specified by:

authenticate in interface Authenticator

Parameters:

credentials - credentials to authenticate

Throws:

AuthenticationFailedException - if authentication failed due to internal error

setCredentials

public void setCredentials(List<Credentials> credentials,
 Credentials newCredentials)
                    throws UnsupportedCredentialSetException

Description copied from interface: Authenticator

Sets new credentials for the principal that is retrieved from the list of credentials.

Specified by:

setCredentials in interface Authenticator

Parameters:

credentials - old credentials for retrieving the principal

newCredentials - the new credentials to set

Throws:

UnsupportedCredentialSetException - if the underlying authentication strategy does not support setting new credentials (a fingerprint reader for example).

setAuthenticationHandlers

@Autowired
public void setAuthenticationHandlers(List<AuthenticationHandler> authenticationHandlers)