public abstract class AuthenticatingSecurityManager extends RealmSecurityManager
SecurityManagerclass hierarchy that delegates all authentication operations to a wrapped
Authenticatorinstance. That is, this class implements all the Authenticator methods in the
SecurityManagerinterface, but in reality, those methods are merely passthrough calls to the underlying 'real' Authenticator instance.
All other SecurityManager (authorization, session, etc) methods are left to be implemented by subclasses.
In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever possible, suitable default instances for all dependencies are created upon instantiation.
|Constructor and Description|
Default no-arg constructor that initializes its internal
|Modifier and Type||Method and Description|
Passes on the
Delegates to the wrapped
Returns the delegate
Sets the delegate
afterCacheManagerSet, applyCacheManagerToRealms, getRealms, setRealm, setRealms
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll
public Authenticator getAuthenticator()
Authenticatorinstance that this SecurityManager uses to perform all authentication operations. Unless overridden by the
setAuthenticator, the default instance is a
Authenticatorinstance that this SecurityManager uses to perform all authentication operations.
public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException
Authenticatorinstance that this SecurityManager uses to perform all authentication operations. Unless overridden by this method, the default instance is a
authenticator- the delegate
Authenticatorinstance that this SecurityManager will use to perform all authentication operations.
IllegalArgumentException- if the argument is
protected void afterRealmsSet()
realmsto the internal delegate
Authenticatorinstance so that it may use them during authentication attempts.
public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException
token- any representation of a user's principals and credentials submitted during an authentication attempt.
AuthenticationException- if there is any problem during the authentication process. See the specific exceptions listed below to as examples of what could happen in order to accurately handle these problems and to notify the user in an appropriate manner why the authentication attempt failed. Realize an implementation of this interface may or may not throw those listed or may throw other AuthenticationExceptions, but the list shows the most common ones.
Copyright © 2004-2013 The Apache Software Foundation. All Rights Reserved.