Authentication (Acegi Security System for Spring 1.0.0-RC1 API)

Method Summary
`GrantedAuthority[]`	`getAuthorities()` Set by an `AuthenticationManager` to indicate the authorities that the principal has been granted.
`Object`	`getCredentials()` The credentials that prove the principal is correct.
`Object`	`getDetails()` Stores additional details about the authentication request.
`Object`	`getPrincipal()` The identity of the principal being authenticated.
`boolean`	`isAuthenticated()` Used to indicate to `AbstractSecurityInterceptor` whether it should present the authentication token to the `AuthenticationManager`.
`void`	`setAuthenticated(boolean isAuthenticated)` See `isAuthenticated()` for a full description.

Methods inherited from interface java.security.Principal
`equals, getName, hashCode, toString`

Method Detail

setAuthenticated

void setAuthenticated(boolean isAuthenticated)
                      throws IllegalArgumentException

See isAuthenticated() for a full description.

Implementations should always allow this method to be called with a false parameter, as this is used by various classes to specify the authentication token should not be trusted. If an implementation wishes to reject an invocation with a true parameter (which would indicate the authentication token is trusted - a potential security risk) the implementation should throw an IllegalArgumentException.

Parameters:: isAuthenticated - true if the token should be trusted (which may result in an exception) or false if the token should not be trusted
Throws:: IllegalArgumentException - if an attempt to make the authentication token trusted (by passing true as the argument) is rejected due to the implementation being immutable or implementing its own alternative approach to isAuthenticated()

isAuthenticated

boolean isAuthenticated()

Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager. Typically an AuthenticationManager (or, more often, one of its AuthenticationProviders) will return an immutable authentication token after successful authentication, in which case that token can safely return true to this method. Returning true will improve performance, as calling the AuthenticationManager for every request will no longer be necessary.

For security reasons, implementations of this interface should be very careful about returning true to this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.

Returns:: true if the token has been authenticated and the AbstractSecurityInterceptor does not need to represent the token for re-authentication to the AuthenticationManager

getAuthorities

GrantedAuthority[] getAuthorities()

Set by an AuthenticationManager to indicate the authorities that the principal has been granted. Note that classes should not rely on this value as being valid unless it has been set by a trusted AuthenticationManager.

Returns:: the authorities granted to the principal, or null if authentication has not been completed

getCredentials

Object getCredentials()

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:: the credentials that prove the identity of the Principal

getDetails

Object getDetails()

Stores additional details about the authentication request. These might be an IP address, certificate serial number etc.

Returns:: additional details about the authentication request, or null if not used

getPrincipal

Object getPrincipal()

The identity of the principal being authenticated. This is usually a username. Callers are expected to populate the principal.

Returns:: the Principal being authenticated

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD