AllSuccessfulStrategy类主要是返回所有的都认证成功后返回的认证信息,它继承了AbstractAuthenticationStrategy抽象,先对其解析如下:
1.AbstractAuthenticationStrategy抽象类
此抽象类可以参照AbstractAuthenticationStrategy抽象类源码解析,主要实现了beforeAllAttempts(所有realm认证之前进行的操作),beforeAttempt(某一个realm认证之前进行的操作),afterAttempt(某一个realm认证之后进行的操作),merge(之前认证的认证信息与当前realm认证之后获取的认证信息的合并),afterAllAttempts(所有的realm认证完成之后的操作)。
2.AllSuccessfulStrategy类
2.1.每一个realm认证之前的操作(验证此realm是否支持token,如果支持,返回认证信息,如果不支持,则抛出异常,该方法覆盖了AbstractAuthenticationStrategy的方法)
public AuthenticationInfo beforeAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {
if (!realm.supports(token)) {
String msg = "Realm [" + realm + "] of type [" + realm.getClass().getName() + "] does not support " +
" the submitted AuthenticationToken [" + token + "]. The [" + getClass().getName() +
"] implementation requires all configured realm(s) to support and be able to process the submitted " +
"AuthenticationToken.";
throw new UnsupportedTokenException(msg);
}
return info;
}
2.2.每一个realm验证之后的操作(如果接受的异常信息不为空,则抛出异常,如果返回的异常信息为空,则合并当前认证的认证信息与之前的认证信息,该方法覆盖了AbstractAuthenticationStrategy的方法)
public AuthenticationInfo afterAttempt(Realm realm, AuthenticationToken token, AuthenticationInfo info, AuthenticationInfo aggregate, Throwable t)
throws AuthenticationException {
if (t != null) {
if (t instanceof AuthenticationException) {
//propagate:
throw ((AuthenticationException) t);
} else {
String msg = "Unable to acquire account data from realm [" + realm + "]. The [" +
getClass().getName() + " implementation requires all configured realm(s) to operate successfully " +
"for a successful authentication.";
throw new AuthenticationException(msg, t);
}
}
if (info == null) {
String msg = "Realm [" + realm + "] could not find any associated account data for the submitted " +
"AuthenticationToken [" + token + "]. The [" + getClass().getName() + "] implementation requires " +
"all configured realm(s) to acquire valid account data for a submitted token during the " +
"log-in process.";
throw new UnknownAccountException(msg);
}
log.debug("Account successfully authenticated using realm [{}]", realm);
// If non-null account is returned, then the realm was able to authenticate the
// user - so merge the account with any accumulated before:
merge(info, aggregate);
return aggregate;
}