Class UserAuthenticator<A extends PrincipalCredentials,B extends Identity,C extends User<B>>
- Type Parameters:
A- the type of principal credentials to authenticateB- the identity typeC- the user type
- All Implemented Interfaces:
Authenticator<A,UserAuthentication<B>>
An authenticator used to authenticate users with PrincipalCredentials.
The resulting UserAuthentication extends the PrincipalAuthentication to expose details about the authenticated user, such as its identity and the groups it belongs to. A
RoleBasedAccessController can then be obtained to secure access to protected services of resources.
This implementation typically uses a UserRepository to resolve users to authenticate but it also allows to use any compliant CredentialsResolver implementation.
- Since:
- 1.5
- Author:
- Jeremy Kuhn
-
Field Summary
Fields inherited from class io.inverno.mod.security.authentication.AbstractPrincipalAuthenticator
credentialsMatcher, credentialsResolver -
Constructor Summary
ConstructorsConstructorDescriptionUserAuthenticator(CredentialsResolver<? extends C> credentialsResolver, CredentialsMatcher<? super A, ? super C> credentialsMatcher) Creates a terminal user authenticator with the specified user credentials resolver and user credentials matcher. -
Method Summary
Modifier and TypeMethodDescriptionprotected UserAuthentication<B> createAuthenticated(C resolvedCredentials) Creates an authenticated authentication resulting from a successful authentication using the resolved trusted credentials.protected UserAuthentication<B> createDenied(A credentials, AuthenticationException cause) Creates a denied authentication resulting from a failed authentication.Methods inherited from class io.inverno.mod.security.authentication.AbstractPrincipalAuthenticator
authenticate, setTerminalMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.inverno.mod.security.authentication.Authenticator
failOnDenied, failOnDeniedAndAnonymous, flatMap, map, or
-
Constructor Details
-
UserAuthenticator
public UserAuthenticator(CredentialsResolver<? extends C> credentialsResolver, CredentialsMatcher<? super A, ? super C> credentialsMatcher) Creates a terminal user authenticator with the specified user credentials resolver and user credentials matcher.
The resulting authenticator is terminal and returns denied authentication when the credentials resolver returns no matching credentials corresponding to the credentials to authenticate or when they do not match.
- Parameters:
credentialsResolver- a user credentials resolvercredentialsMatcher- a user credentials matcher
-
-
Method Details
-
createAuthenticated
protected UserAuthentication<B> createAuthenticated(C resolvedCredentials) throws AuthenticationException Description copied from class:AbstractPrincipalAuthenticatorCreates an authenticated authentication resulting from a successful authentication using the resolved trusted credentials.
- Specified by:
createAuthenticatedin classAbstractPrincipalAuthenticator<A extends PrincipalCredentials,C extends User<B>, UserAuthentication<B extends Identity>> - Parameters:
resolvedCredentials- the resolved trusted credentials- Returns:
- an authenticated authentication
- Throws:
AuthenticationException- if there was an error generating the authentication
-
createDenied
protected UserAuthentication<B> createDenied(A credentials, AuthenticationException cause) throws AuthenticationException Description copied from class:AbstractPrincipalAuthenticatorCreates a denied authentication resulting from a failed authentication.
- Specified by:
createDeniedin classAbstractPrincipalAuthenticator<A extends PrincipalCredentials,C extends User<B>, UserAuthentication<B extends Identity>> - Parameters:
credentials- the invalid credentialscause- the authentication error- Returns:
- a denied authentication
- Throws:
AuthenticationException- if there was an error generating the authentication
-