Chapter 3

DomainUsernamePasswordAuthenticationToken
When a user authenticates, Spring Security submits an Authentication object to
AuthenticationProvider with the information provided by the user. The current
UsernamePasswordAuthentication object only contains a username and password
field. Create a DomainUsernamePasswordAuthenticationToken object that contains
a domain field.
src/main/java/com/packtpub/springsecurity/authentication/
DomainUsernamePasswordAuthenticationToken.java

public final class DomainUsernamePasswordAuthenticationToken

extends UsernamePasswordAuthenticationToken {
private final String domain;

// used for attempting authentication

public DomainUsernamePasswordAuthenticationToken(String
principal, String credentials, String domain) {
super(principal, credentials);
this.domain = domain;
}
// used for returning to Spring Security after being
//authenticated
public DomainUsernamePasswordAuthenticationToken(CalendarUser
principal, String credentials, String domain,
Collection<? extends GrantedAuthority> authorities) {
super(principal, credentials, authorities);
this.domain = domain;
}

public String getDomain() {

return domain;
}
}

Updating CalendarUserAuthenticationProvider
Now, we need to update CalendarUserAuthenticationProvider to utilize the
domain field.

src/main/java/com/packtpub/springsecurity/authentication/
CalendarUserAuthenticationProvider.java

public Authentication authenticate(Authentication authentication)

throws AuthenticationException {
DomainUsernamePasswordAuthenticationToken token =
(DomainUsernamePasswordAuthenticationToken) authentication;
String userName = token.getName();
String domain = token.getDomain();

[ 67 ]