Package org.apache.shiro.authc.pam

Class AllSuccessfulStrategy

  • All Implemented Interfaces:
    AuthenticationStrategy
    public class AllSuccessfulStrategy
extends AbstractAuthenticationStrategy
    AuthenticationStrategy implementation that requires all configured realms to successfully process the submitted AuthenticationToken during the log-in attempt.

    If one or more realms do not support the submitted token, or one or more are unable to acquire AuthenticationInfo for the token, this implementation will immediately fail the log-in attempt for the associated subject (user).

    Since:
    0.2

    • Constructor Detail

      • AllSuccessfulStrategy

        public AllSuccessfulStrategy()

    • Method Detail

      • beforeAttempt

        public AuthenticationInfo beforeAttempt​(Realm realm,
                                        AuthenticationToken token,
                                        AuthenticationInfo info)
                                 throws AuthenticationException
        Because all realms in this strategy must complete successfully, this implementation ensures that the given Realm supports the given token argument. If it does not, this method throws an UnsupportedTokenException to end the authentication process immediately. If the realm does support the token, the info argument is returned immediately.
        Specified by:
        beforeAttempt in interface AuthenticationStrategy
        Overrides:
        beforeAttempt in class AbstractAuthenticationStrategy
        Parameters:
        realm - the realm that will be consulted for AuthenticationInfo for the specified token.
        token - the AuthenticationToken submitted for the subject attempting system log-in.
        info - the aggregated AuthenticationInfo object being used across the multi-realm authentication attempt
        Returns:
        the AuthenticationInfo object that will be presented to further realms in the authentication process - returning the aggregate method argument is the normal case if no special action needs to be taken.
        Throws:
        AuthenticationException - an exception thrown by the Strategy implementation if it wishes the login process for the associated subject (user) to stop immediately.

      • afterAttempt

        public AuthenticationInfo afterAttempt​(Realm realm,
                                       AuthenticationToken token,
                                       AuthenticationInfo info,
                                       AuthenticationInfo aggregate,
                                        t)
                                throws AuthenticationException
        Merges the specified info into the aggregate argument and returns it (just as the parent implementation does), but additionally ensures the following:
        1. if the Throwable argument is not null, re-throws it to immediately cancel the authentication process, since this strategy requires all realms to authenticate successfully.
        2. neither the info or aggregate argument is null to ensure that each realm did in fact authenticate successfully
        Specified by:
        afterAttempt in interface AuthenticationStrategy
        Overrides:
        afterAttempt in class AbstractAuthenticationStrategy
        Parameters:
        realm - the realm that was just consulted for AuthenticationInfo for the given token.
        token - the AuthenticationToken submitted for the subject attempting system log-in.
        info - the info returned from a single realm.
        aggregate - the aggregate info representing all realms in a multi-realm environment.
        t - the Throwable thrown by the Realm during the attempt, or null if the method returned normally.
        Returns:
        the AuthenticationInfo object that will be presented to further realms in the authentication process - returning the aggregateAccount method argument is the normal case if no special action needs to be taken.
        Throws:
        AuthenticationException - an exception thrown by the Strategy implementation if it wishes the login process for the associated subject (user) to stop immediately.