Default no-argument constructor. Ensures the internal {@link AuthenticationListener AuthenticationListener} collection is a non-null {@code ArrayList}.
Implementation of the {@link Authenticator} interface that functions in the following manner: <ol> <li>Calls template {@link #doAuthenticate doAuthenticate} method for subclass execution of the actual authentication behavior.</li> <li>If an {@code AuthenticationException} is thrown during {@code doAuthenticate}, {@link #notifyFailure(AuthenticationToken, AuthenticationException) notify} any registered {@link AuthenticationListener AuthenticationListener}s of the exception and then propagate the exception for the caller to handle.</li> <li>If no exception is thrown (indicating a successful login), {@link #notifySuccess(AuthenticationToken, AuthenticationInfo) notify} any registered {@link AuthenticationListener AuthenticationListener}s of the successful attempt.</li> <li>Return the {@code AuthenticationInfo}</li> </ol>
Template design pattern hook for subclasses to implement specific authentication behavior. <p/> Common behavior for most authentication attempts is encapsulated in the {@link #authenticate} method and that method invokes this one for custom behavior. <p/> <b>N.B.</b> Subclasses <em>should</em> throw some kind of {@code AuthenticationException} if there is a problem during authentication instead of returning {@code null}. A {@code null} return value indicates a configuration or programming error, since {@code AuthenticationException}s should indicate any expected problem (such as an unknown account or username, or invalid password, etc).
Returns the {@link AuthenticationListener AuthenticationListener}s that should be notified during authentication attempts.
Notifies any registered {@link AuthenticationListener AuthenticationListener}s that authentication failed for the specified {@code token} which resulted in the specified {@code ae} exception. This implementation merely iterates over the internal {@code listeners} collection and calls {@link AuthenticationListener#onFailure(AuthenticationToken, AuthenticationException) onFailure} for each.
Notifies any registered {@link AuthenticationListener AuthenticationListener}s that a {@code Subject} has logged-out. This implementation merely iterates over the internal {@code listeners} collection and calls {@link AuthenticationListener#onLogout(hunt.shiro.subject.PrincipalCollection) onLogout} for each.
Notifies any registered {@link AuthenticationListener AuthenticationListener}s that authentication was successful for the specified {@code token} which resulted in the specified {@code info}. This implementation merely iterates over the internal {@code listeners} collection and calls {@link AuthenticationListener#onSuccess(AuthenticationToken, AuthenticationInfo) onSuccess} for each.
This implementation merely calls {@link #notifyLogout(hunt.shiro.subject.PrincipalCollection) notifyLogout} to allow any registered listeners to react to the logout.
Sets the {@link AuthenticationListener AuthenticationListener}s that should be notified during authentication attempts.
Authenticates a user based on the submitted {@code AuthenticationToken}. <p/> If the authentication is successful, an {@link AuthenticationInfo} instance is returned that represents the user's account data relevant to Shiro. This returned object is generally used in turn to construct a {@code Subject} representing a more complete security-specific 'view' of an account that also allows access to a {@code Session}.
Callback triggered when a <code>Subject</code> logs out of the system.
Superclass for almost all {@link Authenticator} implementations that performs the common work around authentication attempts. <p/> This class delegates the actual authentication attempt to subclasses but supports notification for successful and failed logins as well as logouts. Notification is sent to one or more registered {@link AuthenticationListener AuthenticationListener}s to allow for custom processing logic when these conditions occur. <p/> In most cases, the only thing a subclass needs to do (via its {@link #doAuthenticate} implementation) is perform the actual principal/credential verification process for the submitted {@code AuthenticationToken}.