com.seajas.search.utilities.spring.security.service.ExtendedAuthenticationProvider.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.seajas.search.utilities.spring.security.service.ExtendedAuthenticationProvider.java

Introduction

Here is the source code for com.seajas.search.utilities.spring.security.service.ExtendedAuthenticationProvider.java

Source

/**
 * Copyright (C) 2013 Seajas, the Netherlands.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 3, as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package com.seajas.search.utilities.spring.security.service;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;

/**
 * Extended authentication provider for internal authentication purposes.
 * 
 * @author Jasper van Veghel <jasper@seajas.com>
 */
public class ExtendedAuthenticationProvider implements AuthenticationProvider {
    /**
     * The extended user details service.
     */
    @Autowired
    private ExtendedUserDetailsService extendedUserDetailsService;

    /**
     * Override the authenticate method to provide our own extended UserDetails based logic.
     * 
     * @param authentication
     * @throws AuthenticationException
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (StringUtils.isEmpty((String) authentication.getPrincipal())
                || StringUtils.isEmpty((String) authentication.getCredentials()))
            throw new BadCredentialsException("The given username / password are invalid");

        UserDetails userDetails = extendedUserDetailsService.getUserDetails((String) authentication.getPrincipal(),
                (String) authentication.getCredentials());

        return new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(),
                userDetails.getAuthorities());
    }

    /**
     * Support basic username / password based authentication.
     * 
     * @param authentication
     * @return boolean
     */
    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
}