Class AbstractAuthenticationToken
- All Implemented Interfaces:
Serializable
,Principal
,Authentication
,CredentialsContainer
- Direct Known Subclasses:
AbstractOAuth2TokenAuthenticationToken
,AnonymousAuthenticationToken
,BearerTokenAuthenticationToken
,CasAssertionAuthenticationToken
,CasAuthenticationToken
,CasServiceTicketAuthenticationToken
,OAuth2AuthenticationToken
,OAuth2AuthorizationCodeAuthenticationToken
,OAuth2LoginAuthenticationToken
,OneTimeTokenAuthenticationToken
,PreAuthenticatedAuthenticationToken
,RememberMeAuthenticationToken
,RunAsUserToken
,Saml2Authentication
,Saml2AuthenticationToken
,TestingAuthenticationToken
,UsernamePasswordAuthenticationToken
,WebAuthnAuthentication
,WebAuthnAuthenticationRequestToken
Authentication
objects.
Implementations which use this class should be immutable.
- See Also:
-
Constructor Summary
ConstructorDescriptionAbstractAuthenticationToken
(Collection<? extends GrantedAuthority> authorities) Creates a token with the supplied array of authorities. -
Method Summary
Modifier and TypeMethodDescriptionboolean
void
Checks thecredentials
,principal
anddetails
objects, invoking theeraseCredentials
method on any which implementCredentialsContainer
.Set by anAuthenticationManager
to indicate the authorities that the principal has been granted.Stores additional details about the authentication request.getName()
int
hashCode()
boolean
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
.void
setAuthenticated
(boolean authenticated) SeeAuthentication.isAuthenticated()
for a full description.void
setDetails
(Object details) toString()
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.springframework.security.core.Authentication
getCredentials, getPrincipal
-
Constructor Details
-
AbstractAuthenticationToken
Creates a token with the supplied array of authorities.- Parameters:
authorities
- the collection of GrantedAuthoritys for the principal represented by this authentication object.
-
-
Method Details
-
getAuthorities
Description copied from interface:Authentication
Set by anAuthenticationManager
to indicate the authorities that the principal has been granted. Note that classes should not rely on this value as being valid unless it has been set by a trustedAuthenticationManager
.Implementations should ensure that modifications to the returned collection array do not affect the state of the Authentication object, or use an unmodifiable instance.
- Specified by:
getAuthorities
in interfaceAuthentication
- Returns:
- the authorities granted to the principal, or an empty collection if the token has not been authenticated. Never null.
-
getName
-
isAuthenticated
public boolean isAuthenticated()Description copied from interface:Authentication
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
. Typically anAuthenticationManager
(or, more often, one of itsAuthenticationProvider
s) will return an immutable authentication token after successful authentication, in which case that token can safely returntrue
to this method. Returningtrue
will improve performance, as calling theAuthenticationManager
for every request will no longer be necessary.For security reasons, implementations of this interface should be very careful about returning
true
from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.- Specified by:
isAuthenticated
in interfaceAuthentication
- Returns:
- true if the token has been authenticated and the
AbstractSecurityInterceptor
does not need to present the token to theAuthenticationManager
again for re-authentication.
-
setAuthenticated
public void setAuthenticated(boolean authenticated) Description copied from interface:Authentication
SeeAuthentication.isAuthenticated()
for a full description.Implementations should always allow this method to be called with a
false
parameter, as this is used by various classes to specify the authentication token should not be trusted. If an implementation wishes to reject an invocation with atrue
parameter (which would indicate the authentication token is trusted - a potential security risk) the implementation should throw anIllegalArgumentException
.- Specified by:
setAuthenticated
in interfaceAuthentication
- Parameters:
authenticated
-true
if the token should be trusted (which may result in an exception) orfalse
if the token should not be trusted
-
getDetails
Description copied from interface:Authentication
Stores additional details about the authentication request. These might be an IP address, certificate serial number etc.- Specified by:
getDetails
in interfaceAuthentication
- Returns:
- additional details about the authentication request, or
null
if not used
-
setDetails
-
eraseCredentials
public void eraseCredentials()Checks thecredentials
,principal
anddetails
objects, invoking theeraseCredentials
method on any which implementCredentialsContainer
.- Specified by:
eraseCredentials
in interfaceCredentialsContainer
-
equals
-
hashCode
public int hashCode() -
toString
-