/** * This constructor can be safely used by any code that wishes to create a * <code>UsernamePasswordAuthenticationToken</code>, as the {@link #isAuthenticated()} * will return <code>false</code>. * */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials) { super(null); this.principal = principal; this.credentials = credentials; setAuthenticated(false); }
/** * This constructor can be safely used by any code that wishes to create a * <code>UsernamePasswordAuthenticationToken</code>, as the {@link #isAuthenticated()} * will return <code>false</code>. * */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials) { super(null); this.principal = principal; this.credentials = credentials; setAuthenticated(false); }
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (authentication == null) { return authentication; } UsernamePasswordAuthenticationToken output = null; if (authentication instanceof UsernamePasswordAuthenticationToken) { output = (UsernamePasswordAuthenticationToken) authentication; } else { output = new UsernamePasswordAuthenticationToken(authentication, authentication.getCredentials(), authentication.getAuthorities()); output.setAuthenticated(authentication.isAuthenticated()); output.setDetails(authentication.getDetails()); } return delegate.authenticate(output); }
@Test public void authenticatedPropertyContractIsSatisfied() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( "Test", "Password", AuthorityUtils.NO_AUTHORITIES); // check default given we passed some GrantedAuthorty[]s (well, we passed empty // list) assertThat(token.isAuthenticated()).isTrue(); // check explicit set to untrusted (we can safely go from trusted to untrusted, // but not the reverse) token.setAuthenticated(false); assertThat(!token.isAuthenticated()).isTrue(); // Now let's create a UsernamePasswordAuthenticationToken without any // GrantedAuthorty[]s (different constructor) token = new UsernamePasswordAuthenticationToken("Test", "Password"); assertThat(!token.isAuthenticated()).isTrue(); // check we're allowed to still set it to untrusted token.setAuthenticated(false); assertThat(!token.isAuthenticated()).isTrue(); // check denied changing it to trusted try { token.setAuthenticated(true); fail("Should have prohibited setAuthenticated(true)"); } catch (IllegalArgumentException expected) { } }
public CustomAuthenticationToken(Object principal, Object credentials, String domain) { super(principal, credentials); this.domain = domain; super.setAuthenticated(false); }
public CustomAuthenticationToken(Object principal, Object credentials, String domain, Collection<? extends GrantedAuthority> authorities) { super(principal, credentials, authorities); this.domain = domain; super.setAuthenticated(true); // must use super, as we override }
/** * This constructor can be safely used by any code that wishes to create a * <code>UsernamePasswordAuthenticationToken</code>, as the {@link * #isAuthenticated()} will return <code>false</code>. * */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials) { super(null); this.principal = principal; this.credentials = credentials; setAuthenticated(false); }
/** * This constructor can be safely used by any code that wishes to create a * <code>UsernamePasswordAuthenticationToken</code>, as the {@link #isAuthenticated()} * will return <code>false</code>. * */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials) { super(null); this.principal = principal; this.credentials = credentials; setAuthenticated(false); }