- All Known Implementing Classes:
public interface AuthenticatorAn Authenticator is responsible for authenticating accounts in an application. It is one of the primary entry points into the Shiro API. Although not a requirement, there is usually a single 'master' Authenticator configured for an application. Enabling Pluggable Authentication Module (PAM) behavior (Two Phase Commit, etc.) is usually achieved by the single
Authenticatorcoordinating and interacting with an application-configured set of
Realms. Note that most Shiro users will not interact with an
Authenticatorinstance directly. Shiro's default architecture is based on an overall
SecurityManagerwhich typically wraps an
AuthenticationInfo authenticate(AuthenticationToken authenticationToken) throws AuthenticationExceptionAuthenticates a user based on the submitted
AuthenticationToken. If the authentication is successful, an
AuthenticationInfoinstance is returned that represents the user's account data relevant to Shiro. This returned object is generally used in turn to construct a
Subjectrepresenting a more complete security-specific 'view' of an account that also allows access to a
authenticationToken- any representation of a user's principals and credentials submitted during an authentication attempt.
- the AuthenticationInfo representing the authenticating user's account data.
AuthenticationException- if there is any problem during the authentication process. See the specific exceptions listed below to as examples of what could happen in order to accurately handle these problems and to notify the user in an appropriate manner why the authentication attempt failed. Realize an implementation of this interface may or may not throw those listed or may throw other AuthenticationExceptions, but the list shows the most common ones.
- See Also: