Class AuthenticationTrustResolverImpl
java.lang.Object
org.springframework.security.authentication.AuthenticationTrustResolverImpl
- All Implemented Interfaces:
AuthenticationTrustResolver
Basic implementation of
AuthenticationTrustResolver
.
Makes trust decisions based on whether the passed Authentication
is an
instance of a defined class.
If anonymousClass
or rememberMeClass
is null
, the
corresponding method will always return false
.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
isAnonymous
(Authentication authentication) Indicates whether the passedAuthentication
token represents an anonymous user.boolean
isRememberMe
(Authentication authentication) Indicates whether the passedAuthentication
token represents user that has been remembered (i.e.void
setAnonymousClass
(Class<? extends Authentication> anonymousClass) void
setRememberMeClass
(Class<? extends Authentication> rememberMeClass)
-
Constructor Details
-
AuthenticationTrustResolverImpl
public AuthenticationTrustResolverImpl()
-
-
Method Details
-
isAnonymous
Description copied from interface:AuthenticationTrustResolver
Indicates whether the passedAuthentication
token represents an anonymous user. Typically the framework will call this method if it is trying to decide whether anAccessDeniedException
should result in a final rejection (i.e. as would be the case if the principal was non-anonymous/fully authenticated) or direct the principal to attempt actual authentication (i.e. as would be the case if theAuthentication
was merely anonymous).- Specified by:
isAnonymous
in interfaceAuthenticationTrustResolver
- Parameters:
authentication
- to test (may benull
in which case the method will always returnfalse
)- Returns:
true
the passed authentication token represented an anonymous principal,false
otherwise
-
isRememberMe
Description copied from interface:AuthenticationTrustResolver
Indicates whether the passedAuthentication
token represents user that has been remembered (i.e. not a user that has been fully authenticated).The method is provided to assist with custom
AccessDecisionVoter
s and the like that you might develop. Of course, you don't need to use this method either and can develop your own "trust level" hierarchy instead.- Specified by:
isRememberMe
in interfaceAuthenticationTrustResolver
- Parameters:
authentication
- to test (may benull
in which case the method will always returnfalse
)- Returns:
true
the passed authentication token represented a principal authenticated using a remember-me token,false
otherwise
-
setAnonymousClass
-
setRememberMeClass
-