public abstract class AbstractAuthenticator extends Object implements Authenticator, LogoutAware

Superclass for Authenticator implementations that performs the common work around authentication attempts.

This class delegates the actual authentication attempt to subclasses but supports notification for successful and failed logins as well as logouts. Notification is sent to one or more registered AuthenticationListeners to allow for custom processing logic when these conditions occur.

In most cases, the only thing a subclass needs to do (via its doAuthenticate(org.apache.shiro.authc.AuthenticationToken) implementation) is perform the actual principal/credential verification process for the submitted AuthenticationToken.

Constructor and Description |
---|
AbstractAuthenticator() Default no-argument constructor. |

Modifier and Type | Method and Description |
---|---|
AuthenticationInfo | authenticate(AuthenticationToken token) Implementation of the Authenticator interface that functions in the following manner: 1. Calls template doAuthenticate method for subclass execution of the actual authentication behavior. 2. If an AuthenticationException is thrown during doAuthenticate, notify any registered AuthenticationListeners of the exception and then propagate the exception for the caller to handle. 3. If no exception is thrown (indicating a successful login), notify any registered AuthenticationListeners of the successful attempt. 4. Return the AuthenticationInfo. |
protected abstract AuthenticationInfo | doAuthenticate(AuthenticationToken token) Template design pattern hook for subclasses to implement specific authentication behavior. |
Collection<AuthenticationListener> | getAuthenticationListeners() Returns the AuthenticationListeners that should be notified during authentication attempts. |
protected void | notifyFailure(AuthenticationToken token, AuthenticationException ae) Notifies any registered AuthenticationListeners that authentication failed for the specified token which resulted in the specified ae exception. |
protected void | notifyLogout(PrincipalCollection principals) Notifies any registered AuthenticationListeners that a Subject has logged out. |
protected void | notifySuccess(AuthenticationToken token, AuthenticationInfo info) Notifies any registered AuthenticationListeners that authentication was successful for the specified token which resulted in the specified info. |
void | onLogout(PrincipalCollection principals) This implementation merely calls notifyLogout to allow any registered listeners to react to the logout. |
void | setAuthenticationListeners(Collection<AuthenticationListener> listeners) Sets the AuthenticationListeners that should be notified during authentication attempts. |

public AbstractAuthenticator()

Default no-argument constructor; the AuthenticationListener collection is a non-null ArrayList.

public void setAuthenticationListeners(Collection<AuthenticationListener> listeners)

Sets the AuthenticationListeners that should be notified during authentication attempts.

Parameters:
listeners - one or more AuthenticationListeners that should be notified due to an authentication attempt.

public Collection<AuthenticationListener> getAuthenticationListeners()

Returns the AuthenticationListeners that should be notified during authentication attempts.

Returns:
the AuthenticationListeners that should be notified during authentication attempts.

protected void notifySuccess(AuthenticationToken token, AuthenticationInfo info)

Notifies any registered AuthenticationListeners that authentication was successful for the specified token which resulted in the specified info. This implementation merely iterates over the internal listeners collection and calls onSuccess for each.

Parameters:
token - the submitted AuthenticationToken that resulted in a successful authentication.
info - the returned AuthenticationInfo resulting from the successful authentication.

protected void notifyFailure(AuthenticationToken token, AuthenticationException ae)

Notifies any registered AuthenticationListeners that authentication failed for the specified token which resulted in the specified ae exception. This implementation merely iterates over the internal listeners collection and calls onFailure for each.

Parameters:
token - the submitted AuthenticationToken that resulted in a failed authentication.
ae - the resulting AuthenticationException that caused the authentication to fail.

protected void notifyLogout(PrincipalCollection principals)

Notifies any registered AuthenticationListeners that a Subject has logged out. This implementation merely iterates over the internal listeners collection and calls onLogout for each.

Parameters:
principals - the identifying principals of the Subject/account logging out.

public void onLogout(PrincipalCollection principals)

This implementation merely calls notifyLogout to allow any registered listeners to react to the logout.

Specified by:
onLogout in interface LogoutAware

Parameters:
principals - the identifying principals of the Subject/account logging out.

public final AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException

Implementation of the Authenticator interface that functions in the following manner:

1. Calls template doAuthenticate method for subclass execution of the actual authentication behavior.
2. If an AuthenticationException is thrown during doAuthenticate, notify any registered AuthenticationListeners of the exception and then propagate the exception for the caller to handle.
3. If no exception is thrown (indicating a successful login), notify any registered AuthenticationListeners of the successful attempt.
4. Return the AuthenticationInfo.

Specified by:
authenticate in interface Authenticator

Parameters:
token - the submitted token representing the subject's (user's) login principals and credentials.

Throws:
AuthenticationException - if there is any problem during the authentication process - see the interface's JavaDoc for a more detailed explanation.

See Also:
ExpiredCredentialsException, IncorrectCredentialsException, ExcessiveAttemptsException, LockedAccountException, ConcurrentAccessException, UnknownAccountException
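
An added example (not code from Shiro or its documentation) of the flow described above: the subclass supplies only doAuthenticate and reports expected failures by throwing AuthenticationException subtypes rather than returning null, while a registered AuthenticationListener turns the notifications into an audit trail. DemoAuthenticator, AuditListener, the "demo" realm name and the in-memory account are assumptions; shiro-core must be on the classpath.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.PrincipalCollection;

// Added example: DemoAuthenticator, AuditListener and the "demo" realm name are hypothetical.
public class DemoAuthenticator extends AbstractAuthenticator {
    // Constructed sample store; a real one keeps salted, slow password hashes, not plaintext.
    private final Map<String, byte[]> accounts = new HashMap<>();

    public DemoAuthenticator() {
        accounts.put("alice", "correct horse".getBytes(StandardCharsets.UTF_8));
        getAuthenticationListeners().add(new AuditListener()); // collection is non-null by construction
    }

    @Override
    protected AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException {
        if (!(token instanceof UsernamePasswordToken))
            throw new AuthenticationException("unsupported token type");
        UsernamePasswordToken upt = (UsernamePasswordToken) token;
        byte[] stored = accounts.get(upt.getUsername());
        // Expected failures are reported by throwing, never by returning null.
        if (stored == null)
            throw new UnknownAccountException("unknown account");
        char[] pw = upt.getPassword();
        byte[] given = pw == null ? new byte[0] : new String(pw).getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(stored, given)) // timing-safe comparison
            throw new IncorrectCredentialsException("credentials do not match");
        return new SimpleAuthenticationInfo(upt.getUsername(), pw, "demo");
    }

    // Audit hook: logs the principal and failure type only, never the submitted credentials.
    static class AuditListener implements AuthenticationListener {
        private static void log(String event, Object who) {
            // The principal is caller-supplied, so CR/LF are neutralised before logging.
            System.out.println(event + " user=" + String.valueOf(who).replaceAll("[\\r\\n]", "_"));
        }
        public void onSuccess(AuthenticationToken t, AuthenticationInfo i) { log("AUTH_OK", t.getPrincipal()); }
        public void onFailure(AuthenticationToken t, AuthenticationException e) {
            log("AUTH_FAIL cause=" + e.getClass().getSimpleName(), t.getPrincipal());
        }
        public void onLogout(PrincipalCollection p) { log("LOGOUT", p.getPrimaryPrincipal()); }
    }

    public static void main(String[] args) {
        DemoAuthenticator auth = new DemoAuthenticator();
        auth.authenticate(new UsernamePasswordToken("alice", "correct horse"));
        try { auth.authenticate(new UsernamePasswordToken("alice", "wrong password")); }
        catch (AuthenticationException e) { /* listeners were notified before the rethrow */ }
    }
}
```

Because authenticate is declared final, a subclass cannot override the notification step, so the listener sees every success and every AuthenticationException that doAuthenticate raises.
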

protected abstract AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException

Template design pattern hook for subclasses to implement specific authentication behavior. The authenticate(org.apache.shiro.authc.AuthenticationToken) method invokes this one for custom behavior.

N.B. Subclasses should throw some kind of AuthenticationException if there is a problem during authentication instead of returning null. A null return value indicates a configuration or programming error, since AuthenticationExceptions should indicate any expected problem (such as an unknown account or username, or invalid password, etc).

Parameters:
token - the authentication token encapsulating the user's login information.

Returns:
an AuthenticationInfo object encapsulating the user's account information important to Shiro.

Throws:
AuthenticationException - if there is a problem logging in the user.

Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.