providermanager.java
来自「acegi构造安全的java系统」· Java 代码 · 共 340 行 · 第 1/2 页
JAVA
340 行
* is capable of authenticating the type of <code>Authentication</code> object passed. Authentication will then * be attempted with that <code>AuthenticationProvider</code>.</p> * <p>If more than one <code>AuthenticationProvider</code> supports the passed <code>Authentication</code> * object, only the first <code>AuthenticationProvider</code> tried will determine the result. No subsequent * <code>AuthenticationProvider</code>s will be tried.</p> * * @param authentication the authentication request object. * * @return a fully authenticated object including credentials. * * @throws AuthenticationException if authentication fails. */ public Authentication doAuthentication(Authentication authentication) throws AuthenticationException { Iterator iter = providers.iterator(); Class toTest = authentication.getClass(); AuthenticationException lastException = null; while (iter.hasNext()) { AuthenticationProvider provider = (AuthenticationProvider) iter.next(); if (provider.supports(toTest)) { logger.debug("Authentication attempt using " + provider.getClass().getName()); Authentication result = null; try { result = provider.authenticate(authentication); copyDetails(authentication, result); sessionController.checkAuthenticationAllowed(result); } catch (AuthenticationException ae) { lastException = ae; result = null; } if (result != null) { sessionController.registerSuccessfulAuthentication(result); publishEvent(new AuthenticationSuccessEvent(result)); return result; } } } if (lastException == null) { lastException = new ProviderNotFoundException(messages.getMessage("ProviderManager.providerNotFound", new Object[] {toTest.getName()}, "No AuthenticationProvider found for {0}")); } // Publish the event String className = exceptionMappings.getProperty(lastException.getClass().getName()); AbstractAuthenticationEvent event = null; if (className != null) { try { Class clazz = getClass().getClassLoader().loadClass(className); Constructor constructor = clazz.getConstructor(new Class[] { Authentication.class, AuthenticationException.class }); Object obj = constructor.newInstance(new Object[] {authentication, lastException}); Assert.isInstanceOf(AbstractAuthenticationEvent.class, obj, "Must be an AbstractAuthenticationEvent"); event = (AbstractAuthenticationEvent) obj; } catch (ClassNotFoundException ignored) {} catch (NoSuchMethodException ignored) {} catch (IllegalAccessException ignored) {} catch (InstantiationException ignored) {} catch (InvocationTargetException ignored) {} } if (event != null) { publishEvent(event); } else { if (logger.isDebugEnabled()) { logger.debug("No event was found for the exception " + lastException.getClass().getName()); } } // Throw the exception throw lastException; } /** * Copies the authentication details from a source Authentication object to a destination one, provided the * latter does not already have one set. * * @param source source authentication * @param dest the destination authentication object */ private void copyDetails(Authentication source, Authentication dest) { if ((dest instanceof AbstractAuthenticationToken) && (dest.getDetails() == null)) { AbstractAuthenticationToken token = (AbstractAuthenticationToken) dest; token.setDetails(source.getDetails()); } } public List getProviders() { return this.providers; } /** * The configured {@link ConcurrentSessionController} is returned or the {@link * NullConcurrentSessionController} if a specific one has not been set. * * @return {@link ConcurrentSessionController} instance */ public ConcurrentSessionController getSessionController() { return sessionController; } public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) { this.applicationEventPublisher = applicationEventPublisher; } public void setMessageSource(MessageSource messageSource) { this.messages = new MessageSourceAccessor(messageSource); } /** * Sets the {@link AuthenticationProvider} objects to be used for authentication. * * @param newList * * @throws IllegalArgumentException DOCUMENT ME! */ public void setProviders(List newList) { checkIfValidList(newList); Iterator iter = newList.iterator(); while (iter.hasNext()) { Object currentObject = iter.next(); Assert.isInstanceOf(AuthenticationProvider.class, currentObject, "Can only provide AuthenticationProvider instances"); } this.providers = newList; } /** * Set the {@link ConcurrentSessionController} to be used for limiting user's sessions. The {@link * NullConcurrentSessionController} is used by default * * @param sessionController {@link ConcurrentSessionController} */ public void setSessionController(ConcurrentSessionController sessionController) { this.sessionController = sessionController; } private void publishEvent(ApplicationEvent event) { if (applicationEventPublisher != null) { applicationEventPublisher.publishEvent(event); } } /** * Sets additional exception to event mappings. These are automatically merged with the default * exception to event mappings that <code>ProviderManager</code> defines. * * @param additionalExceptionMappings where keys are the fully-qualified string name of the * exception class and the values are the fully-qualified string name of the event class to fire */ public void setAdditionalExceptionMappings( Properties additionalExceptionMappings) { this.additionalExceptionMappings = additionalExceptionMappings; } }⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?