AbstractAuthenticationManager xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.springframework.security;
17  
18  /**
19   * An abstract implementation of the {@link AuthenticationManager}.
20   *
21   * @author Wesley Hall
22   * @version $Id: AbstractAuthenticationManager.java 2653 2008-02-18 20:18:40Z luke_t $
23   */
24  public abstract class AbstractAuthenticationManager implements AuthenticationManager {
25  
26      //~ Instance fields ================================================================================================
27      private boolean clearExtraInformation = false;
28  
29      //~ Methods ========================================================================================================
30  
31      /**
32       * An implementation of the <code>authenticate</code> method that calls the abstract method
33       * <code>doAuthenticatation</code> to do its work.
34       * <p>
35       * If doAuthenticate throws an <code>AuthenticationException</code> then the exception is populated
36       * with the failed <code>Authentication</code> object that failed.
37       *
38       * @param authRequest the authentication request object
39       *
40       * @return a fully authenticated object including credentials
41       *
42       * @throws AuthenticationException if authentication fails
43       */
44      public final Authentication authenticate(Authentication authRequest) throws AuthenticationException {
45          try {
46              return doAuthentication(authRequest);
47          } catch (AuthenticationException e) {
48              e.setAuthentication(authRequest);
49  
50              if (clearExtraInformation) {
51                  e.clearExtraInformation();
52              }
53  
54              throw e;
55          }
56      }
57  
58      /**
59       * Concrete implementations of this class override this method to provide the authentication service.
60       * <p>
61       * The contract for this method is documented in the
62       * {@link AuthenticationManager#authenticate(Authentication)}.
63       *
64       * @param authentication the authentication request object
65       *
66       * @return a fully authenticated object including credentials
67       *
68       * @throws AuthenticationException if authentication fails
69       */
70      protected abstract Authentication doAuthentication(Authentication authentication) throws AuthenticationException;
71  
72      /**
73       * If set to true, the <tt>extraInformation</tt> set on an <tt>AuthenticationException</tt> will be cleared
74       * before rethrowing it. This is useful for use with remoting protocols where the information shouldn't
75       * be serialized to the client. Defaults to 'false'.
76       *
77       * @see org.springframework.security.AuthenticationException#getExtraInformation()  
78       */
79      public void setClearExtraInformation(boolean clearExtraInformation) {
80          this.clearExtraInformation = clearExtraInformation;
81      }
82  }