AuthenticatorSecman
Authenticator implementation that authenticates the ApplicationUser .
Verifies that
-
the user exists
-
the user is UNLOCKED
-
the user has a persisted ApplicationUser#getEncryptedPassword() encrypted password
-
the provided raw-password, when encrypted, matches the persisted one
This Authenticator is a fallback and is only used if there is no other implementation available.
API
AuthenticatorSecman.java
class AuthenticatorSecman {
AuthenticatorSecman(ApplicationUserRepository applicationUserRepository, PasswordEncoder passwordEncoder)
boolean canAuthenticate(Class<? extends AuthenticationRequest> authenticationRequestClass)
InteractionContext authenticate(AuthenticationRequest request, String code)
void logout()
}