usernamepasswordauthenticationtoken.java

acegi_secutity_1.6源码 最好用的安全认证框架

/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.acegisecurity.providers;

import org.acegisecurity.GrantedAuthority;


/**
 * An {@link org.acegisecurity.Authentication} implementation that is designed for simple presentation of a
 * username and password.<p>The <code>principal</code> and <code>credentials</code> should be set with an
 * <code>Object</code> that provides the respective property via its <code>Object.toString()</code> method. The
 * simplest such <code>Object</code> to use is <code>String</code>.</p>
 *
 * @author Ben Alex
 * @version $Id: UsernamePasswordAuthenticationToken.java 1784 2007-02-24 21:00:24Z luke_t $
 */
public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationToken {
    //~ Instance fields ================================================================================================

    private static final long serialVersionUID = 1L;
    private Object credentials;
    private Object principal;

    //~ Constructors ===================================================================================================

/**
     * This constructor can be safely used by any code that wishes to create a
     * <code>UsernamePasswordAuthenticationToken</code>, as the {@link
     * #isAuthenticated()} will return <code>false</code>.
     *
     * @param principal DOCUMENT ME!
     * @param credentials DOCUMENT ME!
     */
    public UsernamePasswordAuthenticationToken(Object principal, Object credentials) {
        super(null);
        this.principal = principal;
        this.credentials = credentials;
        setAuthenticated(false);
    }

/**
     * This constructor should only be used by
     * <code>AuthenticationManager</code> or
     * <code>AuthenticationProvider</code> implementations that are satisfied
     * with producing a trusted (ie {@link #isAuthenticated()} =
     * <code>true</code>) authentication token.
     *
     * @param principal
     * @param credentials
     * @param authorities
     */
    public UsernamePasswordAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) {
        super(authorities);
        this.principal = principal;
        this.credentials = credentials;
        super.setAuthenticated(true); // must use super, as we override
    }

    //~ Methods ========================================================================================================

    public Object getCredentials() {
        return this.credentials;
    }

    public Object getPrincipal() {
        return this.principal;
    }

    public void setAuthenticated(boolean isAuthenticated)
        throws IllegalArgumentException {
        if (isAuthenticated) {
            throw new IllegalArgumentException(
                "Cannot set this token to trusted - use constructor containing GrantedAuthority[]s instead");
        }

        super.setAuthenticated(false);
    }
}