Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity.providers.x509
Class X509AuthenticationToken

java.lang.Object
  extended by org.acegisecurity.providers.AbstractAuthenticationToken
      extended by org.acegisecurity.providers.x509.X509AuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication
public class X509AuthenticationToken
extends AbstractAuthenticationToken

Authentication implementation for X.509 client-certificate authentication.

Version:
$Id: X509AuthenticationToken.java,v 1.5 2005/11/17 00:56:09 benalex Exp $
Author:
Luke Taylor
See Also:
Serialized Form

Constructor Summary
X509AuthenticationToken(Object principal, X509Certificate credentials, GrantedAuthority[] authorities)
           
X509AuthenticationToken(X509Certificate credentials)
          Used for an authentication request
 
Method Summary
 GrantedAuthority[] getAuthorities()
          Set by an AuthenticationManager to indicate the authorities that the principal has been granted.
 Object getCredentials()
          The credentials that prove the principal is correct.
 Object getDetails()
          Subclasses should override if they wish to provide additional details about the authentication event.
 Object getPrincipal()
          The identity of the principal being authenticated.
 boolean isAuthenticated()
          Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager.
 void setAuthenticated(boolean isAuthenticated)
          See Authentication.isAuthenticated() for a full description.
 void setDetails(Object details)
           
 
Methods inherited from class org.acegisecurity.providers.AbstractAuthenticationToken
equals, getName, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface java.security.Principal
hashCode
 

Constructor Detail

X509AuthenticationToken

public X509AuthenticationToken(X509Certificate credentials)
Used for an authentication request

X509AuthenticationToken

public X509AuthenticationToken(Object principal,
                               X509Certificate credentials,
                               GrantedAuthority[] authorities)
Method Detail

getDetails

public Object getDetails()
Description copied from class: AbstractAuthenticationToken
Subclasses should override if they wish to provide additional details about the authentication event.

Specified by:
getDetails in interface Authentication
Overrides:
getDetails in class AbstractAuthenticationToken
Returns:
always null

setDetails

public void setDetails(Object details)

setAuthenticated

public void setAuthenticated(boolean isAuthenticated)
Description copied from interface: Authentication
See Authentication.isAuthenticated() for a full description.

Implementations should always allow this method to be called with a false parameter, as this is used by various classes to specify the authentication token should not be trusted. If an implementation wishes to reject an invocation with a true parameter (which would indicate the authentication token is trusted - a potential security risk) the implementation should throw an IllegalArgumentException.

Parameters:
isAuthenticated - true if the token should be trusted (which may result in an exception) or false if the token should not be trusted

isAuthenticated

public boolean isAuthenticated()
Description copied from interface: Authentication
Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager. Typically an AuthenticationManager (or, more often, one of its AuthenticationProviders) will return an immutable authentication token after successful authentication, in which case that token can safely return true to this method. Returning true will improve performance, as calling the AuthenticationManager for every request will no longer be necessary.

For security reasons, implementations of this interface should be very careful about returning true to this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.

Returns:
true if the token has been authenticated and the AbstractSecurityInterceptor does not need to represent the token for re-authentication to the AuthenticationManager

getAuthorities

public GrantedAuthority[] getAuthorities()
Description copied from interface: Authentication
Set by an AuthenticationManager to indicate the authorities that the principal has been granted. Note that classes should not rely on this value as being valid unless it has been set by a trusted AuthenticationManager.

Returns:
the authorities granted to the principal, or null if authentication has not been completed

getCredentials

public Object getCredentials()
Description copied from interface: Authentication
The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:
the credentials that prove the identity of the Principal

getPrincipal

public Object getPrincipal()
Description copied from interface: Authentication
The identity of the principal being authenticated. This is usually a username. Callers are expected to populate the principal.

Returns:
the Principal being authenticated
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2005 Acegi Technology Pty Limited. All Rights Reserved.