AbstractAuthenticationManager xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity;
17  
18  
19  /**
20   * An abstract implementation of the {@link AuthenticationManager}.
21   *
22   * @author Wesley Hall
23   * @version $Id: AbstractAuthenticationManager.java 2654 2008-02-18 20:44:09Z luke_t $
24   */
25  public abstract class AbstractAuthenticationManager implements AuthenticationManager {
26  
27      //~ Instance fields ================================================================================================
28      private boolean clearExtraInformation = true;
29  
30      //~ Methods ========================================================================================================
31  
32      /**
33       * <p>An implementation of the <code>authenticate</code> method that calls the abstract method
34       * <code>doAuthenticatation</code> to do its work.</p>
35       *  <p>If doAuthenticate throws an <code>AuthenticationException</code> then the exception is populated
36       * with the failed <code>Authentication</code> object that failed.</p>
37       *
38       * @param authRequest the authentication request object
39       *
40       * @return a fully authenticated object including credentials
41       *
42       * @throws AuthenticationException if authentication fails
43       */
44      public final Authentication authenticate(Authentication authRequest)
45          throws AuthenticationException {
46          try {
47              return doAuthentication(authRequest);
48          } catch (AuthenticationException e) {
49              e.setAuthentication(authRequest);
50  
51              if (clearExtraInformation) {
52                  e.clearExtraInformation();
53              }
54  
55              throw e;
56          }
57      }
58  
59      /**
60       * <p>Concrete implementations of this class override this method to provide the authentication service.</p>
61       *  <p>The contract for this method is documented in the {@link
62       * AuthenticationManager#authenticate(Authentication)}.</p>
63       *
64       * @param authentication the authentication request object
65       *
66       * @return a fully authenticated object including credentials
67       *
68       * @throws AuthenticationException if authentication fails
69       */
70      protected abstract Authentication doAuthentication(Authentication authentication)
71          throws AuthenticationException;
72  
73      /**
74       * If set to true, the <tt>extraInformation</tt> set on an <tt>AuthenticationException</tt> will be cleared
75       * before rethrowing it. This is useful for use with remoting protocols where the information shouldn't
76       * be serialized to the client. Defaults to 'false'.
77       *
78       * @see AuthenticationException#getExtraInformation()
79       */
80      public void setClearExtraInformation(boolean clearExtraInformation) {
81          this.clearExtraInformation = clearExtraInformation;
82      }
83  }