Hi Ben, > Hi Wesley > > If you'd like to submit patches which take advantage of the enhanced > AuthenticationException.getAuthentication() method, I'd be pleased to > apply them to CVS. > > Best regards > Ben
OK, I started an attempt at adding the setting of the Authentication object right down at individual 'AuthenticationProvider' level. This became very problematic. Consider CasProxyTicketValidator, the 'validateNow' method of this class throws BadCredentialsException and AuthenticationServiceException, both of which would benefit from containing the failed Authentication. However, I had to trace back up through confirmTicketValid and into CasAuthenticationProvider.authenticateNow until there was an Authentication object in scope. This would require the 'catch-rethrow' approach and I suspect this would be the case elsewhere. This catch rethrow code would spread throughout the code and it would be very easy to forget to include it when adding another provider. What I have done (and this is a little more invasive, I know), is moved the catch-rethrow up from the ProviderManager to the AuthenticationManager rather than down to the indivual providers. To do this I have created an 'AbstractAuthenticationManager' class that is extended by ProviderManager. The abstract class uses the template pattern to perform a central 'catch-rethrow' setting of the Authentication object. This resolves a problem that was eating at me, which was that the setAuthentication was public in AuthenticationException. Now that this work is done by the AbstractAuthenticationManager the set method can be package scope. There may be other benefits to having this AbstractAuthenticationManager class in that now there is a central place in which yourself or contributers can put code that is required on authentication regardless of the AuthenticationManager used. How do you feel about this? Regards Wesley Hall
AbstractAuthenticationManager.java
Description: Binary data
AuthenticationException.java
Description: Binary data
ProviderManager.java
Description: Binary data
MockAuthenticationManager.java
Description: Binary data
