AbstractPasswordBasedSecurityRealm (Jenkins core 2.303 API)

java.lang.Object
- hudson.model.AbstractDescribableImpl<SecurityRealm>
- - hudson.security.SecurityRealm
  - - hudson.security.AbstractPasswordBasedSecurityRealm

All Implemented Interfaces:

ExtensionPoint, Describable<SecurityRealm>

Direct Known Subclasses:

HudsonPrivateSecurityRealm
```
public abstract class AbstractPasswordBasedSecurityRealm
extends SecurityRealm
```
Partial implementation of SecurityRealm for username/password based authentication. This is a convenience base class if all you are trying to do is to check the given username and password with the information stored in somewhere else, and you don't want to do anything with Spring Security.
This SecurityRealm uses the standard login form (and a few other optional mechanisms like BASIC auth) to gather the username/password information. Subtypes are responsible for authenticating this information.

Since:

1.317

Author:

Kohsuke Kawaguchi

Nested Class Summary
- Nested classes/interfaces inherited from class hudson.security.SecurityRealm
  SecurityRealm.SecurityComponents
- Nested classes/interfaces inherited from interface hudson.ExtensionPoint
  ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary
- Fields inherited from class hudson.security.SecurityRealm
  AUTHENTICATED_AUTHORITY, AUTHENTICATED_AUTHORITY2, LIST, NO_AUTHENTICATION

Constructor Summary

Constructors
Constructor and Description

AbstractPasswordBasedSecurityRealm()

Constructors
Constructor and Description
`AbstractPasswordBasedSecurityRealm()`

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`protected UserDetails`	`authenticate(String username, String password)` Deprecated. use `authenticate2(java.lang.String, java.lang.String)`
`protected org.springframework.security.core.userdetails.UserDetails`	`authenticate2(String username, String password)` Authenticate a login attempt.
`SecurityRealm.SecurityComponents`	`createSecurityComponents()` Creates fully-configured `AuthenticationManager` that performs authentication against the user realm.
`GroupDetails`	`loadGroupByGroupname(String groupname)` Deprecated. use `loadGroupByGroupname2(java.lang.String, boolean)`
`GroupDetails`	`loadGroupByGroupname2(String groupname, boolean fetchMembers)` Retrieves information about a group by its name.
`UserDetails`	`loadUserByUsername(String username)` Deprecated. use `loadUserByUsername2(java.lang.String)`
`org.springframework.security.core.userdetails.UserDetails`	`loadUserByUsername2(String username)` Retrieves information about an user by its name.

Methods inherited from class hudson.security.SecurityRealm
all, allowsSignup, canLogOut, commenceSignup, commonFilters, createCliAuthenticator, createFilter, doCaptcha, doLogout, getAuthenticationGatewayUrl, getCaptchaSupport, getCaptchaSupportDescriptors, getDescriptor, getFrom, getGroupIdStrategy, getLoginUrl, getPostLogOutUrl, getPostLogOutUrl2, getSecurityComponents, getUserIdStrategy, loadGroupByGroupname, setCaptchaSupport, validateCaptcha

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AbstractPasswordBasedSecurityRealm
```
public AbstractPasswordBasedSecurityRealm()
```
- Method Detail
  - createSecurityComponents
```
public SecurityRealm.SecurityComponents createSecurityComponents()
```
    Description copied from class: SecurityRealm
    
    Creates fully-configured AuthenticationManager that performs authentication against the user realm. The implementation hides how such authentication manager is configured.
    AuthenticationManager instantiation often depends on the user-specified parameters (for example, if the authentication is based on LDAP, the user needs to specify the host name of the LDAP server.) Such configuration is expected to be presented to the user via config.jelly and then captured as instance variables inside the SecurityRealm implementation.
    Your SecurityRealm may also wants to alter Filter set up by overriding SecurityRealm.createFilter(FilterConfig).
    
    Specified by:
    
    createSecurityComponents in class SecurityRealm
  - authenticate2
```
protected org.springframework.security.core.userdetails.UserDetails authenticate2(String username,
                                                                                  String password)
                                                                           throws org.springframework.security.core.AuthenticationException
```
    Authenticate a login attempt. This method is the heart of a AbstractPasswordBasedSecurityRealm.
    If the user name and the password pair matches, retrieve the information about this user and return it as a UserDetails object. User is a convenient implementation to use, but if your backend offers additional data, you may want to use your own subtype so that the rest of Hudson can use those additional information (such as e-mail address --- see MailAddressResolver.)
    Properties like UserDetails.getPassword() make no sense, so just return an empty value from it. The only information that you need to pay real attention is UserDetails.getAuthorities(), which is a list of roles/groups that the user is in. At minimum, this must contain SecurityRealm.AUTHENTICATED_AUTHORITY (which indicates that this user is authenticated and not anonymous), but if your backend supports a notion of groups, you should make sure that the authorities contain one entry per one group. This enables users to control authorization based on groups.
    If the user name and the password pair doesn't match, throw AuthenticationException to reject the login attempt.
    
    Throws:
    
    org.springframework.security.core.AuthenticationException
    
    Since:
    
    2.266
  - authenticate
```
@Deprecated
protected UserDetails authenticate(String username,
                                               String password)
                                        throws AuthenticationException
```
    Deprecated. use authenticate2(java.lang.String, java.lang.String)
    
    Throws:
    
    AuthenticationException
  - loadUserByUsername2
```
public org.springframework.security.core.userdetails.UserDetails loadUserByUsername2(String username)
                                                                              throws org.springframework.security.core.userdetails.UsernameNotFoundException
```
    Retrieves information about an user by its name.
    This method is used, for example, to validate if the given token is a valid user name when the user is configuring an ACL. This is an optional method that improves the user experience. If your backend doesn't support a query like this, just always throw UsernameNotFoundException.
    
    Overrides:
    
    loadUserByUsername2 in class SecurityRealm
    
    Returns:
    
    never null.
    
    Throws:
    
    UserMayOrMayNotExistException2 - If the security realm cannot even tell if the user exists or not.
    
    org.springframework.security.core.userdetails.UsernameNotFoundException
  - loadUserByUsername
```
@Deprecated
public UserDetails loadUserByUsername(String username)
                                           throws UsernameNotFoundException,
                                                  DataAccessException
```
    Deprecated. use loadUserByUsername2(java.lang.String)
    
    Overrides:
    
    loadUserByUsername in class SecurityRealm
    
    Throws:
    
    UsernameNotFoundException
    
    DataAccessException
  - loadGroupByGroupname2
```
public GroupDetails loadGroupByGroupname2(String groupname,
                                          boolean fetchMembers)
                                   throws org.springframework.security.core.userdetails.UsernameNotFoundException
```
    Retrieves information about a group by its name. This method is the group version of the loadUserByUsername2(String).
    
    Overrides:
    
    loadGroupByGroupname2 in class SecurityRealm
    
    Parameters:
    
    groupname - the name of the group to fetch
    
    fetchMembers - if true then try and fetch the members of the group if it exists. Trying does not imply that the members will be fetched and GroupDetails.getMembers() may still return null
    
    Throws:
    
    UserMayOrMayNotExistException2 - if no conclusive result could be determined regarding the group existence.
    
    org.springframework.security.core.userdetails.UsernameNotFoundException - if the group does not exist.
  - loadGroupByGroupname
```
@Deprecated
public GroupDetails loadGroupByGroupname(String groupname)
                                              throws UsernameNotFoundException,
                                                     DataAccessException
```
    Deprecated. use loadGroupByGroupname2(java.lang.String, boolean)
    
    Overrides:
    
    loadGroupByGroupname in class SecurityRealm
    
    Throws:
    
    UsernameNotFoundException
    
    DataAccessException

Class AbstractPasswordBasedSecurityRealm

Nested Class Summary

Nested classes/interfaces inherited from class hudson.security.SecurityRealm

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

Field Summary

Fields inherited from class hudson.security.SecurityRealm

Constructor Summary

Method Summary

Methods inherited from class hudson.security.SecurityRealm

Methods inherited from class java.lang.Object

Constructor Detail

AbstractPasswordBasedSecurityRealm

Method Detail

createSecurityComponents

authenticate2

authenticate

loadUserByUsername2

loadUserByUsername

loadGroupByGroupname2

loadGroupByGroupname