public interface Authenticator
Authenticator
coordinating
and interacting with an application-configured set of Realm
s.
Note that most Shiro users will not interact with an Authenticator
instance directly.
Shiro's default architecture is based on an overall SecurityManager
which typically
wraps an Authenticator
instance.SecurityManager
,
AbstractAuthenticator
,
ModularRealmAuthenticator
Modifier and Type | Method and Description |
---|---|
AuthenticationInfo |
authenticate(AuthenticationToken authenticationToken)
Authenticates a user based on the submitted
AuthenticationToken . |
AuthenticationInfo authenticate(AuthenticationToken authenticationToken) throws AuthenticationException
AuthenticationToken
.
If the authentication is successful, an AuthenticationInfo
instance is returned that represents the
user's account data relevant to Shiro. This returned object is generally used in turn to construct a
Subject
representing a more complete security-specific 'view' of an account that also allows access to
a Session
.authenticationToken
- any representation of a user's principals and credentials submitted during an
authentication attempt.AuthenticationException
- if there is any problem during the authentication process.
See the specific exceptions listed below to as examples of what could happen
in order to accurately handle these problems and to notify the user in an
appropriate manner why the authentication attempt failed. Realize an
implementation of this interface may or may not throw those listed or may
throw other AuthenticationExceptions, but the list shows the most common ones.ExpiredCredentialsException
,
IncorrectCredentialsException
,
ExcessiveAttemptsException
,
LockedAccountException
,
ConcurrentAccessException
,
UnknownAccountException
Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.