AbstractAuthenticationStrategy (Apache Shiro

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.authc.pam
Class AbstractAuthenticationStrategy

java.lang.Object
  org.apache.shiro.authc.pam.AbstractAuthenticationStrategy

All Implemented Interfaces:: AuthenticationStrategy

Direct Known Subclasses:: AllSuccessfulStrategy, AtLeastOneSuccessfulStrategy, FirstSuccessfulStrategy

public abstract class AbstractAuthenticationStrategy
extends Object
implements AuthenticationStrategy
extends Object
implements AuthenticationStrategy

Abstract base implementation for Shiro's concrete AuthenticationStrategy implementations.

Since:: 0.9

Constructor Summary
`AbstractAuthenticationStrategy()`

Method Summary
`AuthenticationInfo`	`afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate)` Simply returns the `aggregate` argument without modification.
`AuthenticationInfo`	`afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo singleRealmInfo, AuthenticationInfo aggregateInfo, Throwable t)` Base implementation that will aggregate the specified `singleRealmInfo` into the `aggregateInfo` and then returns the aggregate.
`AuthenticationInfo`	`beforeAllAttempts(Collection<? extends Realm> realms, AuthenticationToken token)` Simply returns `new SimpleAuthenticationInfo();`, which supports aggregating account data across realms.
`AuthenticationInfo`	`beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo aggregate)` Simply returns the `aggregate` method argument, without modification.
`protected AuthenticationInfo`	`merge(AuthenticationInfo info, AuthenticationInfo aggregate)` Merges the specified `info` argument into the `aggregate` argument and then returns an aggregate for continued use throughout the login process.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AbstractAuthenticationStrategy

public AbstractAuthenticationStrategy()

Method Detail

beforeAllAttempts

public AuthenticationInfo beforeAllAttempts(Collection<? extends Realm> realms,
                                            AuthenticationToken token)
                                     throws AuthenticationException

Simply returns new SimpleAuthenticationInfo();, which supports aggregating account data across realms.

Specified by:: beforeAllAttempts in interface AuthenticationStrategy

Parameters:: realms - the Realms that will be consulted during the authentication process for the specified token.; token - the Principal/Credential representation to be used during authentication for a corresponding subject.
Returns:: an empty AuthenticationInfo object that will populated with data from multiple realms.
Throws:: AuthenticationException - if the strategy implementation does not wish the Authentication attempt to execute.

beforeAttempt

public AuthenticationInfo beforeAttempt(Realm realm,
                                        AuthenticationToken token,
                                        AuthenticationInfo aggregate)
                                 throws AuthenticationException

Simply returns the aggregate method argument, without modification.

Specified by:: beforeAttempt in interface AuthenticationStrategy

Parameters:: realm - the realm that will be consulted for AuthenticationInfo for the specified token.; token - the AuthenticationToken submitted for the subject attempting system log-in.; aggregate - the aggregated AuthenticationInfo object being used across the multi-realm authentication attempt
Returns:: the AuthenticationInfo object that will be presented to further realms in the authentication process - returning the aggregate method argument is the normal case if no special action needs to be taken.
Throws:: AuthenticationException - an exception thrown by the Strategy implementation if it wishes the login process for the associated subject (user) to stop immediately.

afterAttempt

public AuthenticationInfo afterAttempt(Realm realm,
                                       AuthenticationToken token,
                                       AuthenticationInfo singleRealmInfo,
                                       AuthenticationInfo aggregateInfo,
                                       Throwable t)
                                throws AuthenticationException

Base implementation that will aggregate the specified singleRealmInfo into the aggregateInfo and then returns the aggregate. Can be overridden by subclasses for custom behavior.

Specified by:: afterAttempt in interface AuthenticationStrategy

Parameters:: realm - the realm that was just consulted for AuthenticationInfo for the given token.; token - the AuthenticationToken submitted for the subject attempting system log-in.; singleRealmInfo - the info returned from a single realm.; aggregateInfo - the aggregate info representing all realms in a multi-realm environment.; t - the Throwable thrown by the Realm during the attempt, or null if the method returned normally.
Returns:: the AuthenticationInfo object that will be presented to further realms in the authentication process - returning the aggregateAccount method argument is the normal case if no special action needs to be taken.
Throws:: AuthenticationException - an exception thrown by the Strategy implementation if it wishes the login process for the associated subject (user) to stop immediately.

merge

protected AuthenticationInfo merge(AuthenticationInfo info,
                                   AuthenticationInfo aggregate)

Merges the specified info argument into the aggregate argument and then returns an aggregate for continued use throughout the login process.

This implementation merely checks to see if the specified aggregate argument is an instance of MergableAuthenticationInfo, and if so, calls aggregate.merge(info) If it is not an instance of MergableAuthenticationInfo, an IllegalArgumentException is thrown. Can be overridden by subclasses for custom merging behavior if implementing the MergableAuthenticationInfo is not desired for some reason.

afterAllAttempts

public AuthenticationInfo afterAllAttempts(AuthenticationToken token,
                                           AuthenticationInfo aggregate)
                                    throws AuthenticationException

Simply returns the aggregate argument without modification. Can be overridden for custom behavior.

Specified by:: afterAllAttempts in interface AuthenticationStrategy

Parameters:: token - the AuthenticationToken submitted for the subject attempting system log-in.; aggregate - the aggregate AuthenticationInfo instance populated by all realms during the log-in attempt.
Returns:: the final AuthenticationInfo object to return to the Authenticator.authenticate() caller.
Throws:: AuthenticationException - if the Strategy implementation wishes to fail the authentication attempt.