com.atlassian.crowd.integration.springsecurity
Class CrowdSSOAuthenticationToken

java.lang.Object
  org.springframework.security.providers.AbstractAuthenticationToken
      com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationToken

All Implemented Interfaces:

java.io.Serializable, java.security.Principal, org.springframework.security.Authentication

public class CrowdSSOAuthenticationToken
extends org.springframework.security.providers.AbstractAuthenticationToken

A CrowdSSOAuthenticationToken can be used to represent an authentication request consisting of the Crowd SSO Token String (credential) and HTTP ValidationFactors (details). It can also be used to represent a token for successful authentication consisting of the CrowdUserDetails (principal), the Crowd SSO Token String (credential) and a collection of Group names the authenticated user is a member of (GrantedAuthorities).

See Also:

Serialized Form

Constructor Summary

CrowdSSOAuthenticationToken(CrowdUserDetails principal, java.lang.String ssoToken, org.springframework.security.GrantedAuthority[] authorities)
Use this constructor to create an authenticated SSO token.

CrowdSSOAuthenticationToken(java.lang.String ssoToken)
Use constructor to create an unauthenticated SSO token.

Method Summary

java.lang.Object	getCredentials() The credentials that prove the principal is correct.
java.lang.Object	getPrincipal() The identity of the principal being authenticated.
void	setAuthenticated(boolean isAuthenticated) Disallow setAuthenticated(true).

Methods inherited from class org.springframework.security.providers.AbstractAuthenticationToken

equals, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

CrowdSSOAuthenticationToken

public CrowdSSOAuthenticationToken(java.lang.String ssoToken)

Use constructor to create an unauthenticated SSO token.

Parameters:

ssoToken - token string.

CrowdSSOAuthenticationToken

public CrowdSSOAuthenticationToken(CrowdUserDetails principal,
                                   java.lang.String ssoToken,
                                   org.springframework.security.GrantedAuthority[] authorities)

Use this constructor to create an authenticated SSO token. This should only be used by the AuthenticationProvider.

Parameters:

principal - authenticated user.

ssoToken - authenticated SSO token as credential.

authorities - granted authorities.

Method Detail

getCredentials

public java.lang.Object getCredentials()

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:

the credentials that prove the identity of the Principal

getPrincipal

public java.lang.Object getPrincipal()

The identity of the principal being authenticated. This is usually a username. Callers are expected to populate the principal.

Returns:

the Principal being authenticated

setAuthenticated

public void setAuthenticated(boolean isAuthenticated)
                      throws java.lang.IllegalArgumentException

Disallow setAuthenticated(true). Use constructor containing GrantedAuthority[]s instead.

Specified by:

setAuthenticated in interface org.springframework.security.Authentication

Overrides:

setAuthenticated in class org.springframework.security.providers.AbstractAuthenticationToken

Parameters:

isAuthenticated - must be false.

Throws:

java.lang.IllegalArgumentException - throwd if isAuthenticated paramater is set to true.