Package com.evolveum.midpoint.authentication.api.config

Interface AuthenticationEvaluator<T extends AbstractAuthenticationContext>

  • public interface AuthenticationEvaluator<T extends AbstractAuthenticationContext>
    Evaluator which checks credentials of identity and return authenticated data about authenticated identity.
    Author:
    semancik

    • Method Detail

      • authenticate

        org.springframework.security.authentication.UsernamePasswordAuthenticationToken authenticate​(ConnectionEnvironment connEnv,
                                                                                             T authnCtx)
                                                                                      throws org.springframework.security.authentication.BadCredentialsException,
                                                                                             org.springframework.security.authentication.AuthenticationCredentialsNotFoundException,
                                                                                             org.springframework.security.authentication.DisabledException,
                                                                                             org.springframework.security.authentication.LockedException,
                                                                                             org.springframework.security.authentication.CredentialsExpiredException,
                                                                                             org.springframework.security.authentication.AuthenticationServiceException,
                                                                                             org.springframework.security.access.AccessDeniedException,
                                                                                             org.springframework.security.core.userdetails.UsernameNotFoundException
        Checks credentials of identity and create token with MidPointPrincipal of authenticated identity.
        Parameters:
        connEnv - Properties of connection environment
        authnCtx - Authentication context of type AbstractAuthenticationContext, which contains data needed for authentication of identity.
        Returns:
        token with MidPointPrincipal
        Throws:
        org.springframework.security.authentication.BadCredentialsException - when was set wrong authentication data
        org.springframework.security.authentication.AuthenticationCredentialsNotFoundException - when object found by authentication identifier not contains credentials
        org.springframework.security.authentication.DisabledException - when object found by authentication identifier is disabled
        org.springframework.security.authentication.LockedException - when object found by authentication identifier is locked
        org.springframework.security.authentication.CredentialsExpiredException - when object found by authentication identifier was expired credentials
        org.springframework.security.authentication.AuthenticationServiceException - when occur some internal server error during authentication
        org.springframework.security.access.AccessDeniedException - when object found by authentication identifier is unauthorized
        org.springframework.security.core.userdetails.UsernameNotFoundException - when object not found by authentication identifier

      • checkCredentials

        @NotNull
@NotNull FocusType checkCredentials​(ConnectionEnvironment connEnv,
                                    T authnCtx)
                             throws org.springframework.security.authentication.BadCredentialsException,
                                    org.springframework.security.authentication.AuthenticationCredentialsNotFoundException,
                                    org.springframework.security.authentication.DisabledException,
                                    org.springframework.security.authentication.LockedException,
                                    org.springframework.security.authentication.CredentialsExpiredException,
                                    org.springframework.security.authentication.AuthenticationServiceException,
                                    org.springframework.security.access.AccessDeniedException,
                                    org.springframework.security.core.userdetails.UsernameNotFoundException
        Only one part of authentication - check credentials
        Parameters:
        connEnv -
        authnCtx -
        Returns:
        focus identify by authentication context, after successfully checking
        Throws:
        org.springframework.security.authentication.BadCredentialsException
        org.springframework.security.authentication.AuthenticationCredentialsNotFoundException
        org.springframework.security.authentication.DisabledException
        org.springframework.security.authentication.LockedException
        org.springframework.security.authentication.CredentialsExpiredException
        org.springframework.security.authentication.AuthenticationServiceException
        org.springframework.security.access.AccessDeniedException
        org.springframework.security.core.userdetails.UsernameNotFoundException

      • authenticateUserPreAuthenticated

        org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken authenticateUserPreAuthenticated​(ConnectionEnvironment connEnv,
                                                                                                                             PreAuthenticationContext authnCtx)
        create authentication token for identity, but without checking credentials only find identity, check authorization and check required assignment
        Parameters:
        connEnv -
        authnCtx -
        Returns:
        token with MidPointPrincipal