com.communote.server.core.security.authentication

Class BaseCommunoteAuthenticationProvider

java.lang.Object

com.communote.server.core.security.authentication.BaseCommunoteAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider

Direct Known Subclasses:

DatabaseAuthenticationProvider, ExternalAuthenticationProvider

public abstract class BaseCommunoteAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider

Base class for all Communote authentication providers.

Author:

Communote GmbH - http://www.communote.com/

Constructor Summary

Constructors

Constructor and Description
BaseCommunoteAuthenticationProvider()

Method Summary

Modifier and Type	Method and Description
org.springframework.security.core.Authentication	authenticate(org.springframework.security.core.Authentication authentication)
protected abstract org.springframework.security.core.Authentication	createSuccessAuthentication(UserDetails details, org.springframework.security.core.Authentication authentication) Creates a successful Authentication object.
abstract String	getIdentifier()
abstract List<InvitationField>	getInvitationFields()
protected abstract UserDetails	handleRetrieveUserDetails(org.springframework.security.core.Authentication authentication) Tries to retrieve user details using the passed authentication.
abstract UserVO	queryUser(Map<InvitationField,String> queryData) Queries a user and returns the user data
UserDetails	retrieveAndAuthenticateUserDetails(org.springframework.security.core.Authentication authentication) Uses the passed authentication to retrieve and authenticate the user Details.
abstract boolean	supportsUserQuerying() Checks if the provider is enabled and configured for user querying

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authentication.AuthenticationProvider

supports

Constructor Detail

BaseCommunoteAuthenticationProvider

public BaseCommunoteAuthenticationProvider()

Method Detail

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Specified by:

authenticate in interface org.springframework.security.authentication.AuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

createSuccessAuthentication

protected abstract org.springframework.security.core.Authentication createSuccessAuthentication(UserDetails details,
                                                                                                org.springframework.security.core.Authentication authentication)

Creates a successful Authentication object. Subclasses will usually store the original credentials the user supplied (not salted or encoded passwords) in the returned Authentication object.

Parameters:

details - the authenticated user details. Subclasses should store it as principal in the authentication object.

authentication - that was presented to the provider for validation

Returns:

the successful authentication token

getIdentifier

public abstract String getIdentifier()

Returns:

Returns an identifier for this provider.

getInvitationFields

public abstract List<InvitationField> getInvitationFields()

Returns:

all invitation fields this provider requires

handleRetrieveUserDetails

protected abstract UserDetails handleRetrieveUserDetails(org.springframework.security.core.Authentication authentication)
                                                  throws org.springframework.security.core.AuthenticationException

Tries to retrieve user details using the passed authentication.

Parameters:

authentication - describes the user to retrieve

Returns:

the user details. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.

Throws:

org.springframework.security.core.AuthenticationException - in case there is no user for the passed authentication

queryUser

public abstract UserVO queryUser(Map<InvitationField,String> queryData)

Queries a user and returns the user data

Parameters:

queryData - the data to use for query. See InvitationField for possible values. The fields this provider uses are defined by getInvitationFields()

Returns:

the found user as value object, or null

Throws:

org.springframework.security.core.AuthenticationException

retrieveAndAuthenticateUserDetails

public UserDetails retrieveAndAuthenticateUserDetails(org.springframework.security.core.Authentication authentication)
                                               throws org.springframework.security.core.AuthenticationException

Uses the passed authentication to retrieve and authenticate the user Details. Subclasses should override the handleRetrieveUserDetails(Authentication) method to provide an appropriate implementation for user retrieval. In case the user cannot be authenticated an exception is thrown.

Parameters:

authentication - the appropriate authentication

Returns:

the user details

Throws:

org.springframework.security.core.AuthenticationException - in case the user cannot be authenticated

supportsUserQuerying

public abstract boolean supportsUserQuerying()

Checks if the provider is enabled and configured for user querying

Returns:

true if this provider, in his current state, supports user querying