AuthenticatingSecurityManager (Apache Shiro

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.mgt
Class AuthenticatingSecurityManager

java.lang.Object
  org.apache.shiro.mgt.CachingSecurityManager
      org.apache.shiro.mgt.RealmSecurityManager
          org.apache.shiro.mgt.AuthenticatingSecurityManager

All Implemented Interfaces:: Authenticator, Authorizer, CacheManagerAware, SecurityManager, SessionManager, Destroyable

Direct Known Subclasses:: AuthorizingSecurityManager

public abstract class AuthenticatingSecurityManager
extends RealmSecurityManager
extends RealmSecurityManager

Shiro support of a SecurityManager class hierarchy that delegates all authentication operations to a wrapped Authenticator instance. That is, this class implements all the Authenticator methods in the SecurityManager interface, but in reality, those methods are merely passthrough calls to the underlying 'real' Authenticator instance.

All other SecurityManager (authorization, session, etc) methods are left to be implemented by subclasses.

In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever possible, suitable default instances for all dependencies are created upon instantiation.

Since:: 0.9

Constructor Summary
`AuthenticatingSecurityManager()` Default no-arg constructor that initializes its internal `authenticator` instance to a `ModularRealmAuthenticator`.

Method Summary
`protected void`	`afterRealmsSet()` Passes on the `realms` to the internal delegate `Authenticator` instance so that it may use them during authentication attempts.
`AuthenticationInfo`	`authenticate(AuthenticationToken token)` Delegates to the wrapped `Authenticator` for authentication.
`void`	`destroy()` Destroys the `cacheManager` via `LifecycleUtils.destroy`.
`Authenticator`	`getAuthenticator()` Returns the delegate `Authenticator` instance that this SecurityManager uses to perform all authentication operations.
`void`	`setAuthenticator(Authenticator authenticator)` Sets the delegate `Authenticator` instance that this SecurityManager uses to perform all authentication operations.

Methods inherited from class org.apache.shiro.mgt.RealmSecurityManager
`afterCacheManagerSet, applyCacheManagerToRealms, getRealms, setRealm, setRealms`

Methods inherited from class org.apache.shiro.mgt.CachingSecurityManager
`getCacheManager, setCacheManager`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.apache.shiro.mgt.SecurityManager
`createSubject, login, logout`

Methods inherited from interface org.apache.shiro.authz.Authorizer
`checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll`

Methods inherited from interface org.apache.shiro.session.mgt.SessionManager
`getSession, start`

Constructor Detail

AuthenticatingSecurityManager

public AuthenticatingSecurityManager()

Default no-arg constructor that initializes its internal authenticator instance to a ModularRealmAuthenticator.

Method Detail

getAuthenticator

public Authenticator getAuthenticator()

Returns the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations. Unless overridden by the setAuthenticator, the default instance is a ModularRealmAuthenticator.

Returns:: the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.

setAuthenticator

public void setAuthenticator(Authenticator authenticator)
                      throws IllegalArgumentException

Sets the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations. Unless overridden by this method, the default instance is a ModularRealmAuthenticator.

Parameters:: authenticator - the delegate Authenticator instance that this SecurityManager will use to perform all authentication operations.
Throws:: IllegalArgumentException - if the argument is null.

afterRealmsSet

protected void afterRealmsSet()

Passes on the realms to the internal delegate Authenticator instance so that it may use them during authentication attempts.

Overrides:: afterRealmsSet in class RealmSecurityManager

authenticate

public AuthenticationInfo authenticate(AuthenticationToken token)
                                throws AuthenticationException

Delegates to the wrapped Authenticator for authentication.

Parameters:: token - any representation of a user's principals and credentials submitted during an authentication attempt.
Returns:: the AuthenticationInfo representing the authenticating user's account data.
Throws:: AuthenticationException - if there is any problem during the authentication process. See the specific exceptions listed below to as examples of what could happen in order to accurately handle these problems and to notify the user in an appropriate manner why the authentication attempt failed. Realize an implementation of this interface may or may not throw those listed or may throw other AuthenticationExceptions, but the list shows the most common ones.
See Also:: ExpiredCredentialsException, IncorrectCredentialsException, ExcessiveAttemptsException, LockedAccountException, ConcurrentAccessException, UnknownAccountException

destroy

public void destroy()

Description copied from class: CachingSecurityManager

Destroys the cacheManager via LifecycleUtils.destroy.

Specified by:: destroy in interface Destroyable
Overrides:: destroy in class RealmSecurityManager