Class AuthenticationProviderWrapper
java.lang.Object
com.appiancorp.suiteapi.security.auth.AuthenticationProviderWrapper
- All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public class AuthenticationProviderWrapper
extends Object
implements org.springframework.security.authentication.AuthenticationProvider
The AuthenticationProviderWrapper contains an AuthenticationProvider to which it delegates the actual
authentication of an AuthenticationToken. If the delegate AuthenticationProvider successfully authenticates
the AuthenticationToken, the Wrapper will take the AppianUserDetails from the resulting Authentication
and add an appropriate ScsKey based on the results of AuthenticationProviderWrapper.getScsKey.
This value will be hashed before being added to the AppianUserDetails. This wrapper is necessary for
systems that support the User Secure Credential Store.
-
Constructor Summary
ConstructorDescriptionAuthenticationProviderWrapper
(org.springframework.security.authentication.AuthenticationProvider delegate) Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider.AuthenticationProviderWrapper
(org.springframework.security.authentication.AuthenticationProvider delegate, com.appiancorp.security.auth.ScsKeyChangeHandler scsKeyChangeHandler) Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider, and will handle changes in scs key using the provided ScsKeyChangeHandler. -
Method Summary
Modifier and TypeMethodDescriptionfinal org.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) Calls the delegate configured via the constructor.org.springframework.security.authentication.AuthenticationProvider
Get the AuthenticationProvider to which the AuthenticationProviderWraper is delegating method calls.protected char[]
getScsKey
(org.springframework.security.core.Authentication originalAuthToken, org.springframework.security.core.Authentication resultAuthToken) Get an appropriate value for the Secure Credential Store key.final boolean
Defers to the delegate configured via the constructor.
-
Constructor Details
-
AuthenticationProviderWrapper
public AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate) Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider. The methodssupports(Class<?>)
andauthenticate(Authenticate)
both delegate to this class. It uses the defaultScsKeyChangeHandler
to handle changes in scs key. This is the constructor that should be used to wrap custom authentication providers. -
AuthenticationProviderWrapper
public AuthenticationProviderWrapper(org.springframework.security.authentication.AuthenticationProvider delegate, com.appiancorp.security.auth.ScsKeyChangeHandler scsKeyChangeHandler) Construct an AuthenticationProviderWrapper that will delegate to the given AuthenticationProvider, and will handle changes in scs key using the provided ScsKeyChangeHandler. The methodssupports(Class<?>)
andauthenticate(Authenticate)
both delegate to this class.
-
-
Method Details
-
supports
Defers to the delegate configured via the constructor.- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-
authenticate
public final org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException Calls the delegate configured via the constructor. If authentication is successful, performs additional logic to create a valid result authentication token as required by Appian.- Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
getScsKey
protected char[] getScsKey(org.springframework.security.core.Authentication originalAuthToken, org.springframework.security.core.Authentication resultAuthToken) Get an appropriate value for the Secure Credential Store key. By default this method uses theoriginalAuthToken
to get the authentication credentials. The value returned from this method is never stored in the Appian system. A hashed version of it resides in memory for the duration of a User Session. It is used to encrypt and decrypt values in for the user in the Appian Secure Credential Store. A hashed version is stored on disk to compare against future keys to determine when to clear the user secured credential store for a given user. -
getDelegate
public org.springframework.security.authentication.AuthenticationProvider getDelegate()Get the AuthenticationProvider to which the AuthenticationProviderWraper is delegating method calls.
-