AuthenticatingSecurityManager抽象类继承于RealmSecurityManager抽象类,先对其解析如下:
1.RealmSecurityManager抽象类
此抽象类可以参照RealmSecurityManager抽象类源码解析。
2.AuthenticatingSecurityManager抽象类
2.1.数据属性
private Authenticator authenticator;//认证类
2.2.构造方法(设置默认认证器)
public AuthenticatingSecurityManager() {
super();
this.authenticator = new ModularRealmAuthenticator();
}
2.3.获取认证器
public Authenticator getAuthenticator() {
return authenticator;
}
2.4.设置认证器(如果认证器为空,则抛出异常)
public void setAuthenticator(Authenticator authenticator) throws IllegalArgumentException {
if (authenticator == null) {
String msg = "Authenticator argument cannot be null.";
throw new IllegalArgumentException(msg);
}
this.authenticator = authenticator;
}
2.5.设置完realm之后的操作(将所有的realm设置缓存管理器,如果认证器为默认的认证器,则设置认证器的realm为获取的realm,此方法覆盖了RealmSecurityManager里面的方法)
protected void afterRealmsSet() {
super.afterRealmsSet();
if (this.authenticator instanceof ModularRealmAuthenticator) {
((ModularRealmAuthenticator) this.authenticator).setRealms(getRealms());
}
}
2.6.认证操作
public AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException {
return this.authenticator.authenticate(token);
}
2.7.销毁操作
public void destroy() {
LifecycleUtils.destroy(getAuthenticator());
this.authenticator = null;
super.destroy();
}