public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationToken
Authentication
implementation that is designed for simple presentation of a
username and password.The principal
and credentials
should be set with an
Object
that provides the respective property via its Object.toString()
method. The
simplest such Object
to use is String
.
Constructor and Description |
---|
UsernamePasswordAuthenticationToken(Object principal,
Object credentials)
This constructor can be safely used by any code that wishes to create a
UsernamePasswordAuthenticationToken , as the AbstractAuthenticationToken.isAuthenticated() will return false . |
UsernamePasswordAuthenticationToken(Object principal,
Object credentials,
GrantedAuthority[] authorities)
This constructor should only be used by
AuthenticationManager or
AuthenticationProvider implementations that are satisfied
with producing a trusted (ie AbstractAuthenticationToken.isAuthenticated() =
true ) authentication token. |
Modifier and Type | Method and Description |
---|---|
Object |
getCredentials()
The credentials that prove the principal is correct.
|
Object |
getPrincipal()
The identity of the principal being authenticated.
|
void |
setAuthenticated(boolean isAuthenticated)
See
Authentication.isAuthenticated() for a full description. |
equals, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setDetails, toString
public UsernamePasswordAuthenticationToken(Object principal, Object credentials)
UsernamePasswordAuthenticationToken
, as the AbstractAuthenticationToken.isAuthenticated()
will return false
.principal
- DOCUMENT ME!credentials
- DOCUMENT ME!public UsernamePasswordAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities)
AuthenticationManager
or
AuthenticationProvider
implementations that are satisfied
with producing a trusted (ie AbstractAuthenticationToken.isAuthenticated()
=
true
) authentication token.principal
- credentials
- authorities
- public Object getCredentials()
Authentication
AuthenticationManager
. Callers are expected to populate the credentials.Principal
public Object getPrincipal()
Authentication
Principal
being authenticatedpublic void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException
Authentication
Authentication.isAuthenticated()
for a full description.Implementations should always allow this
method to be called with a false
parameter, as this is used by various classes to specify the
authentication token should not be trusted. If an implementation wishes to reject an invocation with a
true
parameter (which would indicate the authentication token is trusted - a potential security
risk) the implementation should throw an IllegalArgumentException
.
setAuthenticated
in interface Authentication
setAuthenticated
in class AbstractAuthenticationToken
isAuthenticated
- true
if the token should be trusted (which may result in an exception) or
false
if the token should not be trustedIllegalArgumentException
- if an attempt to make the authentication token trusted (by passing
true
as the argument) is rejected due to the implementation being immutable or
implementing its own alternative approach to Authentication.isAuthenticated()
Copyright © 2004–2019 Interface21, Inc. All rights reserved.