org.apache.shiro.mgt

Class AuthenticatingSecurityManager

java.lang.Object

org.apache.shiro.mgt.CachingSecurityManager

org.apache.shiro.mgt.RealmSecurityManager

org.apache.shiro.mgt.AuthenticatingSecurityManager

All Implemented Interfaces:

Authenticator, Authorizer, CacheManagerAware, EventBusAware, SecurityManager, SessionManager, Destroyable

Direct Known Subclasses:

AuthorizingSecurityManager

public abstract class AuthenticatingSecurityManager
extends RealmSecurityManager

Shiro support of a SecurityManager class hierarchy that delegates all authentication operations to a wrapped Authenticator instance. That is, this class implements all the Authenticator methods in the SecurityManager interface, but in reality, those methods are merely passthrough calls to the underlying 'real' Authenticator instance.

All other SecurityManager (authorization, session, etc) methods are left to be implemented by subclasses.

In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever possible, suitable default instances for all dependencies are created upon instantiation.

Since:

0.9

Constructor Summary

Constructors

Constructor and Description
AuthenticatingSecurityManager() Default no-arg constructor that initializes its internal authenticator instance to a ModularRealmAuthenticator.

Method Summary

Modifier and Type	Method and Description
protected void	afterRealmsSet() Passes on the realms to the internal delegate Authenticator instance so that it may use them during authentication attempts.
AuthenticationInfo	authenticate(AuthenticationToken token) Delegates to the wrapped Authenticator for authentication.
void	destroy() Destroys the cacheManager via LifecycleUtils.destroy.
Authenticator	getAuthenticator() Returns the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.
void	setAuthenticator(Authenticator authenticator) Sets the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.

Methods inherited from class org.apache.shiro.mgt.RealmSecurityManager

afterCacheManagerSet, afterEventBusSet, applyCacheManagerToRealms, applyEventBusToRealms, getRealms, setRealm, setRealms

Methods inherited from class org.apache.shiro.mgt.CachingSecurityManager

applyEventBusToCacheManager, getCacheManager, getEventBus, setCacheManager, setEventBus

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.shiro.mgt.SecurityManager

createSubject, login, logout

Methods inherited from interface org.apache.shiro.authz.Authorizer

checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll

Methods inherited from interface org.apache.shiro.session.mgt.SessionManager

getSession, start

Constructor Detail

AuthenticatingSecurityManager

public AuthenticatingSecurityManager()

Default no-arg constructor that initializes its internal authenticator instance to a ModularRealmAuthenticator.

Method Detail

getAuthenticator

public Authenticator getAuthenticator()

Returns the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations. Unless overridden by the setAuthenticator, the default instance is a ModularRealmAuthenticator.

Returns:

the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.

setAuthenticator

public void setAuthenticator(Authenticator authenticator)
                      throws IllegalArgumentException

Sets the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations. Unless overridden by this method, the default instance is a ModularRealmAuthenticator.

Parameters:

authenticator - the delegate Authenticator instance that this SecurityManager will use to perform all authentication operations.

Throws:

IllegalArgumentException - if the argument is null.

afterRealmsSet

protected void afterRealmsSet()

Passes on the realms to the internal delegate Authenticator instance so that it may use them during authentication attempts.

Overrides:

afterRealmsSet in class RealmSecurityManager

authenticate

public AuthenticationInfo authenticate(AuthenticationToken token)
                                throws AuthenticationException

Delegates to the wrapped Authenticator for authentication.

Parameters:

token - any representation of a user's principals and credentials submitted during an authentication attempt.

Returns:

the AuthenticationInfo representing the authenticating user's account data.

Throws:

AuthenticationException - if there is any problem during the authentication process. See the specific exceptions listed below to as examples of what could happen in order to accurately handle these problems and to notify the user in an appropriate manner why the authentication attempt failed. Realize an implementation of this interface may or may not throw those listed or may throw other AuthenticationExceptions, but the list shows the most common ones.

See Also:

ExpiredCredentialsException, IncorrectCredentialsException, ExcessiveAttemptsException, LockedAccountException, ConcurrentAccessException, UnknownAccountException

destroy

public void destroy()

Description copied from class: CachingSecurityManager

Destroys the cacheManager via LifecycleUtils.destroy.

Specified by:

destroy in interface Destroyable

Overrides:

destroy in class RealmSecurityManager