Class SessionAuthenticationHandler

All Implemented Interfaces:

@Component @Order(100) public class SessionAuthenticationHandler extends AuthenticationHandlerAdapter
Authentication handler that returns the principal associated to the session specified by SessionCredentials. It supports setting new credentials of type UserCredentialsChange.
  • Field Details

  • Constructor Details

  • Method Details

    • authenticate

      public void authenticate(Challenge challenge, Credentials credentials)
      Description copied from interface: AuthenticationHandler

      Authenticates the given challenge by voting for or against it.

      If the supplied credentials are unknown to this handler, it may not vote at all, indicating no meaningful knowledge about the challenge.

      Specified by:
      authenticate in interface AuthenticationHandler
      authenticate in class AuthenticationHandlerAdapter
      challenge - the authentication challenge
      credentials - the credentials supplied by client in case of non-recoverable error. An exception will immediately stop authentication process to failed state.
    • postAuthenticate

      public void postAuthenticate(Challenge challenge)
      Description copied from interface: AuthenticationHandler

      After authentication has been successful for all registered AuthenticationHandlers, the post-authentication step is invoked to add more authorization information to the principal which is sure to be not null and authenticated when this method is invoked.

      This handler may also decide in this step to give a new vote for this challenge which overrides the previously given vote.

      If this throws any exception, authentication process is immediately stopped to failed state.

      Specified by:
      postAuthenticate in interface AuthenticationHandler
      postAuthenticate in class AuthenticationHandlerAdapter
      challenge - the challenge to authenticate
    • updateCredentials

      public boolean updateCredentials(Credentials oldCredentials, Credentials newCredentials)
      Description copied from interface: AuthenticationHandler
      Updates the credentials for this handler.

      If this handler is not supporting this, return false


      In case of an exception, the whole process is stopped immediately.

      Specified by:
      updateCredentials in interface AuthenticationHandler
      updateCredentials in class AuthenticationHandlerAdapter
      oldCredentials - the old credentials are used to get the principal
      newCredentials - the new credentials to set. authentication handlers should only support their sepcific type of credentials
      true if credentials were updated successfully, false if skipped