Adding extra authentication criteria
This topic is closed

  • Adding extra authentication criteria

    I've subclassed PasswordDaoAuthenticationProvider and PasswordAuthenticationDao to load my UserDetails and return my Authentication object. The problem is that my client would like some extra checks to be made before returning a successful authentication. I'm struggling to figure out where to hook this in.

    Specifically, my problem is that the implementation of authenticate() in the PasswordDaoAuthenticationProvider ends by returning the result of a call to createSuccessAuthentication(). So, I have two options; a) override authenticate() completely, repeating the checks that are already there and adding my own; or b) override authenticate with a call to super, then do my checks and throw if any fail. The latter is preferable, but it bugs me that I'm creating a successful authentication before I'm done with the checks.

    So, I guess what I'm saying is that it would be nice if that series of checks (isEnabled, isLocked, etc.) in the authenticate() method were moved out to its own template method.

    Or, am I missing some other place to hook in additional user checks?


  • #2
    I would recommend you use DaoAuthenticationProvider, which provides more extension points designed for subclassing.
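
An added example, not part of the original thread and not the project's own code: one way to hook extra criteria in before a successful Authentication is created, by overriding the `additionalAuthenticationChecks` hook that `DaoAuthenticationProvider` inherits. It is written against the later Spring Security API (5.x/6.x package names, an assumption; the release discussed in the thread may differ), and `LoginCriterion`, `CriteriaNotMetException` and `requiresAuthority` are hypothetical names introduced here.

```java
import java.util.List;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;

public class ExtraCriteriaAuthenticationProvider extends DaoAuthenticationProvider {

    /** Hypothetical contract for one client-specific rule; it throws to reject the login. */
    public interface LoginCriterion {
        void check(UserDetails user, UsernamePasswordAuthenticationToken token)
                throws AuthenticationException;
    }

    /** Hypothetical exception type; the message stays generic so it leaks no account state. */
    public static class CriteriaNotMetException extends AuthenticationException {
        public CriteriaNotMetException(String msg) {
            super(msg);
        }
    }

    private final List<LoginCriterion> criteria;

    public ExtraCriteriaAuthenticationProvider(List<LoginCriterion> criteria) {
        this.criteria = List.copyOf(criteria);
    }

    /** Constructed sample rule: the account must hold the given authority. */
    public static LoginCriterion requiresAuthority(String authority) {
        return (user, token) -> {
            boolean held = user.getAuthorities().stream()
                    .anyMatch(a -> authority.equals(a.getAuthority()));
            if (!held) {
                throw new CriteriaNotMetException("login criteria not met");
            }
        };
    }

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails,
            UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        // Password comparison first, so the extra rules only ever run for a caller
        // who has already proved knowledge of the credential.
        super.additionalAuthenticationChecks(userDetails, authentication);
        // Any criterion that throws aborts authenticate() before the parent class
        // reaches createSuccessAuthentication().
        for (LoginCriterion criterion : criteria) {
            criterion.check(userDetails, authentication);
        }
    }
}
```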