01: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02: *
03: * Licensed under the Apache License, Version 2.0 (the "License");
04: * you may not use this file except in compliance with the License.
05: * You may obtain a copy of the License at
06: *
07: * http://www.apache.org/licenses/LICENSE-2.0
08: *
09: * Unless required by applicable law or agreed to in writing, software
10: * distributed under the License is distributed on an "AS IS" BASIS,
11: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12: * See the License for the specific language governing permissions and
13: * limitations under the License.
14: */
15:
16: package org.acegisecurity.providers.rcp;
17:
18: import org.acegisecurity.Authentication;
19: import org.acegisecurity.AuthenticationException;
20: import org.acegisecurity.GrantedAuthority;
21:
22: import org.acegisecurity.providers.AuthenticationProvider;
23: import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
24:
25: import org.springframework.beans.factory.InitializingBean;
26:
27: import org.springframework.util.Assert;
28:
29: /**
30: * Client-side object which queries a {@link RemoteAuthenticationManager} to validate an authentication request.<p>A
31: * new <code>Authentication</code> object is created by this class comprising the request <code>Authentication</code>
32: * object's <code>principal</code>, <code>credentials</code> and the <code>GrantedAuthority</code>[]s returned by the
33: * <code>RemoteAuthenticationManager</code>.</p>
34: * <p>The <code>RemoteAuthenticationManager</code> should not require any special username or password setting on
35: * the remoting client proxy factory to execute the call. Instead the entire authentication request must be
36: * encapsulated solely within the <code>Authentication</code> request object. In practical terms this means the
37: * <code>RemoteAuthenticationManager</code> will <b>not</b> be protected by BASIC or any other HTTP-level
38: * authentication.</p>
39: * <p>If authentication fails, a <code>RemoteAuthenticationException</code> will be thrown. This exception should
40: * be caught and displayed to the user, enabling them to retry with alternative credentials etc.</p>
41: *
42: * @author Ben Alex
43: * @version $Id: RemoteAuthenticationProvider.java 1948 2007-08-25 00:15:30Z benalex $
44: */
45: public class RemoteAuthenticationProvider implements
46: AuthenticationProvider, InitializingBean {
47: //~ Instance fields ================================================================================================
48:
49: private RemoteAuthenticationManager remoteAuthenticationManager;
50:
51: //~ Methods ========================================================================================================
52:
53: public void afterPropertiesSet() throws Exception {
54: Assert.notNull(this .remoteAuthenticationManager,
55: "remoteAuthenticationManager is mandatory");
56: }
57:
58: public Authentication authenticate(Authentication authentication)
59: throws AuthenticationException {
60: String username = authentication.getPrincipal().toString();
61: String password = authentication.getCredentials().toString();
62: GrantedAuthority[] authorities = remoteAuthenticationManager
63: .attemptAuthentication(username, password);
64:
65: return new UsernamePasswordAuthenticationToken(username,
66: password, authorities);
67: }
68:
69: public RemoteAuthenticationManager getRemoteAuthenticationManager() {
70: return remoteAuthenticationManager;
71: }
72:
73: public void setRemoteAuthenticationManager(
74: RemoteAuthenticationManager remoteAuthenticationManager) {
75: this .remoteAuthenticationManager = remoteAuthenticationManager;
76: }
77:
78: public boolean supports(Class authentication) {
79: return (UsernamePasswordAuthenticationToken.class
80: .isAssignableFrom(authentication));
81: }
82: }
|