Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Spring Security Framework
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.providers
Class ProviderManager

java.lang.Object
  extended by org.springframework.security.AbstractAuthenticationManager
      extended by org.springframework.security.providers.ProviderManager
All Implemented Interfaces:
InitializingBean, ApplicationEventPublisherAware, MessageSourceAware, AuthenticationManager
Direct Known Subclasses:
NamespaceAuthenticationManager
public class ProviderManager
extends AbstractAuthenticationManager
implements InitializingBean, MessageSourceAware, ApplicationEventPublisherAware

Iterates an Authentication request through a list of AuthenticationProviders. Can optionally be configured with a ConcurrentSessionController to limit the number of sessions a user can have.

AuthenticationProviders are usually tried in order until one provides a non-null response. A non-null response indicates the provider had authority to decide on the authentication request and no further providers are tried. If a subsequent provider successfully authenticates the request, the earlier authentication exception is disregarded and the successful authentication will be used. If no subsequent provider provides a non-null response, or a new AuthenticationException, the last AuthenticationException received will be used. If no provider returns a non-null response, or indicates it can even process an Authentication, the ProviderManager will throw a ProviderNotFoundException.

The exception to this process is when a provider throws an AccountStatusException or if the configured concurrent session controller throws a ConcurrentLoginException. In both these cases, no further providers in the list will be queried.

If a valid Authentication is returned by an AuthenticationProvider, the ProviderManager will publish an AuthenticationSuccessEvent. If an AuthenticationException is detected, the final AuthenticationException thrown will be used to publish an appropriate failure event. By default ProviderManager maps common exceptions to events, but this can be fine-tuned by providing a new exceptionMappingsjava.util.Properties object. In the properties object, each of the keys represent the fully qualified classname of the exception, and each of the values represent the name of an event class which subclasses AbstractAuthenticationFailureEvent and provides its constructor.

Version:
$Id$
Author:
Ben Alex
See Also:
ConcurrentSessionController

Field Summary
protected  MessageSourceAccessor messages
           
 
Constructor Summary
ProviderManager()
           
 
Method Summary
 void afterPropertiesSet()
           
 Authentication doAuthentication(Authentication authentication)
          Attempts to authenticate the passed Authentication object.
 List getProviders()
           
 ConcurrentSessionController getSessionController()
          The configured ConcurrentSessionController is returned or the NullConcurrentSessionController if a specific one has not been set.
 void setAdditionalExceptionMappings(Properties additionalExceptionMappings)
          Sets additional exception to event mappings.
 void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher)
           
 void setMessageSource(MessageSource messageSource)
           
 void setProviders(List providers)
          Sets the AuthenticationProvider objects to be used for authentication.
 void setSessionController(ConcurrentSessionController sessionController)
          Set the ConcurrentSessionController to be used for limiting users' sessions.
 
Methods inherited from class org.springframework.security.AbstractAuthenticationManager
authenticate, setClearExtraInformation
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

messages

protected MessageSourceAccessor messages
Constructor Detail

ProviderManager

public ProviderManager()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface InitializingBean
Throws:
Exception

doAuthentication

public Authentication doAuthentication(Authentication authentication)
                                throws AuthenticationException
Attempts to authenticate the passed Authentication object.

The list of AuthenticationProviders will be successively tried until an AuthenticationProvider indicates it is capable of authenticating the type of Authentication object passed. Authentication will then be attempted with that AuthenticationProvider.

If more than one AuthenticationProvider supports the passed Authentication object, only the first AuthenticationProvider tried will determine the result. No subsequent AuthenticationProviders will be tried.

Specified by:
doAuthentication in class AbstractAuthenticationManager
Parameters:
authentication - the authentication request object.
Returns:
a fully authenticated object including credentials.
Throws:
AuthenticationException - if authentication fails.

getProviders

public List getProviders()

getSessionController

public ConcurrentSessionController getSessionController()
The configured ConcurrentSessionController is returned or the NullConcurrentSessionController if a specific one has not been set.

Returns:
ConcurrentSessionController instance

setApplicationEventPublisher

public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher)
Specified by:
setApplicationEventPublisher in interface ApplicationEventPublisherAware

setMessageSource

public void setMessageSource(MessageSource messageSource)
Specified by:
setMessageSource in interface MessageSourceAware

setProviders

public void setProviders(List providers)
Sets the AuthenticationProvider objects to be used for authentication.

Parameters:
providers - the list of authentication providers which will be used to process authentication requests.
Throws:
IllegalArgumentException - if the list is empty or null, or any of the elements in the list is not an AuthenticationProvider instance.

setSessionController

public void setSessionController(ConcurrentSessionController sessionController)
Set the ConcurrentSessionController to be used for limiting users' sessions. The NullConcurrentSessionController is used by default.

Parameters:
sessionController - ConcurrentSessionController

setAdditionalExceptionMappings

public void setAdditionalExceptionMappings(Properties additionalExceptionMappings)
Sets additional exception to event mappings. These are automatically merged with the default exception to event mappings that ProviderManager defines.

Parameters:
additionalExceptionMappings - where keys are the fully-qualified string name of the exception class and the values are the fully-qualified string name of the event class to fire.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Spring Security Framework
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.