Package com.appiancorp.suiteapi.security.auth

Class AuthenticationProviderWrapper

java.lang.Object
com.appiancorp.suiteapi.security.auth.AuthenticationProviderWrapper
All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public class AuthenticationProviderWrapper extends Object implements org.springframework.security.authentication.AuthenticationProvider
The AuthenticationProviderWrapper contains an AuthenticationProvider to which it delegates the actual authentication of an AuthenticationToken. If the delegate AuthenticationProvider successfully authenticates the AuthenticationToken, the Wrapper will take the AppianUserDetails from the resulting Authentication and add an appropriate ScsKey based on the results of AuthenticationProviderWrapper.getScsKey. This value will be hashed before being added to the AppianUserDetails. This wrapper is necessary for systems that support the User Secure Credential Store.

  • Constructor Summary

    Constructors
    Constructor
    Description
    AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate)
    Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider.
    AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate, com.appiancorp.security.auth.ScsKeyChangeHandler scsKeyChangeHandler)
    Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider, and will handle changes in scs key using the provided ScsKeyChangeHandler.

  • Method Summary

    Modifier and Type
    Method
    Description
    final org.springframework.security.core.Authentication
    authenticate(org.springframework.security.core.Authentication authentication)
    Calls the delegate configured via the constructor.
    org.springframework.security.authentication.AuthenticationProvider
    getDelegate()
    Get the AuthenticationProvider to which the AuthenticationProviderWraper is delegating method calls.
    protected char[]
    getScsKey(org.springframework.security.core.Authentication originalAuthToken, org.springframework.security.core.Authentication resultAuthToken)
    Get an appropriate value for the Secure Credential Store key.
    final boolean
    supports(Class<?> authentication)
    Defers to the delegate configured via the constructor.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • AuthenticationProviderWrapper

      public AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate)
      Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider. The methods supports(Class<?>) and authenticate(Authenticate) both delegate to this class. It uses the default ScsKeyChangeHandler to handle changes in scs key. This is the constructor that should be used to wrap custom authentication providers.

    • AuthenticationProviderWrapper

      public AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate, com.appiancorp.security.auth.ScsKeyChangeHandler scsKeyChangeHandler)
      Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider, and will handle changes in scs key using the provided ScsKeyChangeHandler. The methods supports(Class<?>) and authenticate(Authenticate) both delegate to this class.

  • Method Details

    • supports

      public final boolean supports(Class<?> authentication)
      Defers to the delegate configured via the constructor.
      Specified by:
      supports in interface org.springframework.security.authentication.AuthenticationProvider

    • authenticate

      public final org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Calls the delegate configured via the constructor. If authentication is successful, performs additional logic to create a valid result authentication token as required by Appian.
      Specified by:
      authenticate in interface org.springframework.security.authentication.AuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException

    • getScsKey

      protected char[] getScsKey(org.springframework.security.core.Authentication originalAuthToken, org.springframework.security.core.Authentication resultAuthToken)
      Get an appropriate value for the Secure Credential Store key. By default this method uses the originalAuthToken to get the authentication credentials. The value returned from this method is never stored in the Appian system. A hashed version of it resides in memory for the duration of a User Session. It is used to encrypt and decrypt values in for the user in the Appian Secure Credential Store. A hashed version is stored on disk to compare against future keys to determine when to clear the user secured credential store for a given user.

    • getDelegate

      public org.springframework.security.authentication.AuthenticationProvider getDelegate()
      Get the AuthenticationProvider to which the AuthenticationProviderWraper is delegating method calls.