public class FormLoginAuthenticationProvider
extends org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
AuthenticationProvider that retrieves OAuth2UserDetails from a
OAuth2UserDetailsService for use with Universal Login.
This is useful when users are partitioned for a certain OAuth2 client, which is common when using
a single authorization server within a multi-tenant scenario. In this situation, `username` alone
is not enough of a unique identifier, and a client ID is needed to accurately discriminate an
OAuth2UserDetails.
as the inspiration for this provider,
for the equivalent when using embedded login.| Constructor and Description |
|---|
FormLoginAuthenticationProvider(OAuth2UserDetailsService userDetailsService,
org.springframework.security.core.userdetails.UserDetailsPasswordService userDetailsPasswordService,
org.springframework.security.crypto.password.PasswordEncoder passwordEncoder) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) |
protected org.springframework.security.core.Authentication |
createSuccessAuthentication(Object principal,
org.springframework.security.core.Authentication authentication,
org.springframework.security.core.userdetails.UserDetails user) |
protected org.springframework.security.crypto.password.PasswordEncoder |
getPasswordEncoder() |
protected org.springframework.security.core.userdetails.UserDetailsPasswordService |
getUserDetailsPasswordService() |
protected OAuth2UserDetailsService |
getUserDetailsService() |
protected String |
getUserNotFoundEncodedPassword()
The password used to perform
PasswordEncoder.matches(CharSequence, String) on when
the user is not found to avoid SEC-2056. |
protected org.springframework.security.core.userdetails.UserDetails |
retrieveUser(String username,
org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication) |
boolean |
supports(Class<?> authentication) |
afterPropertiesSet, authenticate, doAfterPropertiesSet, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCachepublic FormLoginAuthenticationProvider(OAuth2UserDetailsService userDetailsService, org.springframework.security.core.userdetails.UserDetailsPasswordService userDetailsPasswordService, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)
public boolean supports(Class<?> authentication)
supports in interface org.springframework.security.authentication.AuthenticationProvidersupports in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProviderprotected final org.springframework.security.core.userdetails.UserDetails retrieveUser(String username, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
retrieveUser in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProviderprotected org.springframework.security.core.Authentication createSuccessAuthentication(Object principal, org.springframework.security.core.Authentication authentication, org.springframework.security.core.userdetails.UserDetails user)
createSuccessAuthentication in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProviderprotected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
additionalAuthenticationChecks in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProviderprotected OAuth2UserDetailsService getUserDetailsService()
protected org.springframework.security.core.userdetails.UserDetailsPasswordService getUserDetailsPasswordService()
protected org.springframework.security.crypto.password.PasswordEncoder getPasswordEncoder()
protected String getUserNotFoundEncodedPassword()
PasswordEncoder.matches(CharSequence, String) on when
the user is not found to avoid SEC-2056. This is necessary, because some
PasswordEncoder implementations will short circuit if the password is not in a valid
format.Copyright © 2021. All rights reserved.