AbstractAuthenticator abstract class source code analysis

The AbstractAuthenticator abstract class implements the two interfaces of Authenticator and LogoutAware. The first analysis is as follows:

1.Authenticator interface

For the analysis of this interface, see the source code analysis of the Authenticator interface (in fact, there is only one method, which completes the authentication of the token)

2.LogoutAware interface

For the analysis of this interface, see the source code analysis of the LogoutAware interface (in fact, there is only one method, which completes the exit of the subject)

3.AbstractAuthenticator abstract class

3.1. Data Data

private Collection<AuthenticationListener> listeners;//Authentication listener

3.2. Constructor (create a list of authentication listeners)

public AbstractAuthenticator() {
        listeners = new ArrayList<AuthenticationListener>();
}

3.3. Set the list of authentication listeners

public void setAuthenticationListeners(Collection<AuthenticationListener> listeners) {
        if (listeners == null) {
            this.listeners = new ArrayList<AuthenticationListener>();
        } else {
            this.listeners = listeners;
        }
}

3.4. Get the list of authentication listeners

public Collection<AuthenticationListener> getAuthenticationListeners() {
        return this.listeners;
}

3.5. Notify all authentication listeners that the current token and info authentication is successful

 protected void notifySuccess(AuthenticationToken token, AuthenticationInfo info) {
        for (AuthenticationListener listener : this.listeners) {
            listener.onSuccess(token, info);
        }
    }

3.6. Notify all authentication listeners that the current token authentication fails

 protected void notifyFailure(AuthenticationToken token, AuthenticationException ae) {
        for (AuthenticationListener listener : this.listeners) {
            listener.onFailure(token, ae);
        }
    }

3.7. Notify all authentication listeners that the current token exits

protected void notifyLogout(PrincipalCollection principals) {
        for (AuthenticationListener listener : this.listeners) {
            listener.onLogout(principals);
        }
    }

3.8. The current token exits (inherited from the interface LogoutAware interface)

public void onLogout(PrincipalCollection principals) {
        notifyLogout(principals);

 }

3.9. Complete the authentication of the token (if the token is empty, throw an exception; if it is not empty, obtain the AuthenticationInfo information according to the token, if the info is empty, throw an exception; if an error occurs when obtaining the AuthenticationInfo information, throw an exception, and Notify all authentication listeners that the current authentication fails; if the AuthenticationInfo information is obtained, notify all authentication listeners that the current authentication is successful)

public final AuthenticationInfo authenticate(AuthenticationToken token) throws AuthenticationException {

        if (token == null) {
            throw new IllegalArgumentException("Method argumet (authentication token) cannot be null.");
        }

        log.trace("Authentication attempt received for token [{}]", token);

        AuthenticationInfo info;
        try {
            info = doAuthenticate(token);
            if (info == null) {
                String msg = "No account information found for authentication token [" + token + "] by this " +
                        "Authenticator instance.  Please check that it is configured correctly.";
                throw new AuthenticationException(msg);
            }
        } catch (Throwable t) {
            AuthenticationException ae = null;
            if (t instanceof AuthenticationException) {
                ae = (AuthenticationException) t;
            }
            if (ae == null) {
                //Exception thrown was not an expected AuthenticationException.  Therefore it is probably a little more
                //severe or unexpected.  So, wrap in an AuthenticationException, log to warn, and propagate:
                String msg = "Authentication failed for token submission [" + token + "].  Possible unexpected " +
                        "error? (Typical or expected login exceptions should extend from AuthenticationException).";
                ae = new AuthenticationException(msg, t);
            }
            try {
                notifyFailure(token, ae);
            } catch (Throwable t2) {
                if (log.isWarnEnabled()) {
                    String msg = "Unable to send notification for failed authentication attempt - listener error?.  " +
                            "Please check your AuthenticationListener implementation(s).  Logging sending exception " +
                            "and propagating original AuthenticationException instead...";
                    log.warn(msg, t2);
                }
            }

            throw ae;
        }

        log.debug("Authentication successful for token [{}].  Returned account [{}]", token, info);

        notifySuccess(token, info);

        return info;
    }

3.10. Obtain AuthenticationInfo information according to the token

protected abstract AuthenticationInfo doAuthenticate(AuthenticationToken token)
            throws AuthenticationException;