01: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02: *
03: * Licensed under the Apache License, Version 2.0 (the "License");
04: * you may not use this file except in compliance with the License.
05: * You may obtain a copy of the License at
06: *
07: * http://www.apache.org/licenses/LICENSE-2.0
08: *
09: * Unless required by applicable law or agreed to in writing, software
10: * distributed under the License is distributed on an "AS IS" BASIS,
11: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12: * See the License for the specific language governing permissions and
13: * limitations under the License.
14: */
15:
16: package org.acegisecurity.providers.anonymous;
17:
18: import org.acegisecurity.AcegiMessageSource;
19: import org.acegisecurity.Authentication;
20: import org.acegisecurity.AuthenticationException;
21: import org.acegisecurity.BadCredentialsException;
22: import org.acegisecurity.providers.AuthenticationProvider;
23: import org.apache.commons.logging.Log;
24: import org.apache.commons.logging.LogFactory;
25: import org.springframework.beans.factory.InitializingBean;
26: import org.springframework.context.MessageSource;
27: import org.springframework.context.MessageSourceAware;
28: import org.springframework.context.support.MessageSourceAccessor;
29: import org.springframework.util.Assert;
30:
31: /**
32: * An {@link AuthenticationProvider} implementation that validates {@link
33: * org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken}s.<p>To be successfully validated, the
34: * {@link org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken#getKeyHash()} must match this class'
35: * {@link #getKey()}.</p>
36: */
37: public class AnonymousAuthenticationProvider implements
38: AuthenticationProvider, InitializingBean, MessageSourceAware {
39: //~ Static fields/initializers =====================================================================================
40:
41: private static final Log logger = LogFactory
42: .getLog(AnonymousAuthenticationProvider.class);
43:
44: //~ Instance fields ================================================================================================
45:
46: protected MessageSourceAccessor messages = AcegiMessageSource
47: .getAccessor();
48: private String key;
49:
50: //~ Methods ========================================================================================================
51:
52: public void afterPropertiesSet() throws Exception {
53: Assert.hasLength(key, "A Key is required");
54: Assert.notNull(this .messages, "A message source must be set");
55: }
56:
57: public Authentication authenticate(Authentication authentication)
58: throws AuthenticationException {
59: if (!supports(authentication.getClass())) {
60: return null;
61: }
62:
63: if (this .key.hashCode() != ((AnonymousAuthenticationToken) authentication)
64: .getKeyHash()) {
65: throw new BadCredentialsException(
66: messages
67: .getMessage(
68: "AnonymousAuthenticationProvider.incorrectKey",
69: "The presented AnonymousAuthenticationToken does not contain the expected key"));
70: }
71:
72: return authentication;
73: }
74:
75: public String getKey() {
76: return key;
77: }
78:
79: public void setKey(String key) {
80: this .key = key;
81: }
82:
83: public void setMessageSource(MessageSource messageSource) {
84: this .messages = new MessageSourceAccessor(messageSource);
85: }
86:
87: public boolean supports(Class authentication) {
88: return (AnonymousAuthenticationToken.class
89: .isAssignableFrom(authentication));
90: }
91: }
|