Class LegacySecurityRealm

All Implemented Interfaces:
ExtensionPoint, Describable<SecurityRealm>, org.springframework.security.authentication.AuthenticationManager

public final class LegacySecurityRealm extends SecurityRealm implements org.springframework.security.authentication.AuthenticationManager
SecurityRealm that accepts ContainerAuthentication object without any check (that is, by assuming that the such token is already authenticated by the container.)
Author:
Kohsuke Kawaguchi
  • Field Details

    • DESCRIPTOR

      @Deprecated @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public static Descriptor<SecurityRealm> DESCRIPTOR
      Deprecated.
      as of 2.0 Don't use this field, use injection.
  • Constructor Details

    • LegacySecurityRealm

      @DataBoundConstructor public LegacySecurityRealm()
  • Method Details

    • createSecurityComponents

      public SecurityRealm.SecurityComponents createSecurityComponents()
      Description copied from class: SecurityRealm
      Creates fully-configured AuthenticationManager that performs authentication against the user realm. The implementation hides how such authentication manager is configured.

      AuthenticationManager instantiation often depends on the user-specified parameters (for example, if the authentication is based on LDAP, the user needs to specify the host name of the LDAP server.) Such configuration is expected to be presented to the user via config.jelly and then captured as instance variables inside the SecurityRealm implementation.

      Your SecurityRealm may also wants to alter Filter set up by overriding SecurityRealm.createFilter(FilterConfig).

      Specified by:
      createSecurityComponents in class SecurityRealm
    • authenticate

      public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Specified by:
      authenticate in interface org.springframework.security.authentication.AuthenticationManager
      Throws:
      org.springframework.security.core.AuthenticationException
    • getAuthenticationGatewayUrl

      public String getAuthenticationGatewayUrl()
      To have the username/password authenticated by the container, submit the form to the URL defined by the servlet spec.
      Overrides:
      getAuthenticationGatewayUrl in class SecurityRealm
      See Also:
    • getLoginUrl

      public String getLoginUrl()
      Description copied from class: SecurityRealm
      Gets the target URL of the "login" link. There's no need to override this, except for LegacySecurityRealm. On legacy implementation this should point to loginEntry, which is protected by web.xml, so that the user can be eventually authenticated by the container.

      Path is relative from the context root of the Hudson application. The URL returned by this method will get the "from" query parameter indicating the page that the user was at.

      Overrides:
      getLoginUrl in class SecurityRealm
    • createFilter

      public jakarta.servlet.Filter createFilter(jakarta.servlet.FilterConfig filterConfig)
      Description copied from class: SecurityRealm
      Creates Filter that all the incoming HTTP requests will go through for authentication.

      The default implementation uses SecurityRealm.getSecurityComponents() and builds a standard filter chain. But subclasses can override this to completely change the filter sequence.

      For other plugins that want to contribute Filter, see PluginServletFilter.

      Overrides:
      createFilter in class SecurityRealm