diff --git a/core/src/main/java/org/springframework/security/AbstractAuthenticationManager.java b/core/src/main/java/org/springframework/security/AbstractAuthenticationManager.java index 5a6164e267..30186daf54 100644 --- a/core/src/main/java/org/springframework/security/AbstractAuthenticationManager.java +++ b/core/src/main/java/org/springframework/security/AbstractAuthenticationManager.java @@ -15,9 +15,6 @@ package org.springframework.security; -import org.springframework.security.providers.AbstractAuthenticationToken; - - /** * An abstract implementation of the {@link AuthenticationManager}. * @@ -43,10 +40,7 @@ public abstract class AbstractAuthenticationManager implements AuthenticationMan public final Authentication authenticate(Authentication authRequest) throws AuthenticationException { try { - Authentication authResult = doAuthentication(authRequest); - copyDetails(authRequest, authResult); - - return authResult; + return doAuthentication(authRequest); } catch (AuthenticationException e) { e.setAuthentication(authRequest); throw e; @@ -54,24 +48,10 @@ public abstract class AbstractAuthenticationManager implements AuthenticationMan } /** - * Copies the authentication details from a source Authentication object to a destination one, provided the - * latter does not already have one set. - * - * @param source source authentication - * @param dest the destination authentication object - */ - private void copyDetails(Authentication source, Authentication dest) { - if ((dest instanceof AbstractAuthenticationToken) && (dest.getDetails() == null)) { - AbstractAuthenticationToken token = (AbstractAuthenticationToken) dest; - - token.setDetails(source.getDetails()); - } - } - - /** - *

Concrete implementations of this class override this method to provide the authentication service.

- *

The contract for this method is documented in the {@link - * AuthenticationManager#authenticate(org.springframework.security.Authentication)}.

+ * Concrete implementations of this class override this method to provide the authentication service. + *

+ * The contract for this method is documented in the + * {@link AuthenticationManager#authenticate(org.springframework.security.Authentication)}. * * @param authentication the authentication request object * diff --git a/core/src/main/java/org/springframework/security/providers/ProviderManager.java b/core/src/main/java/org/springframework/security/providers/ProviderManager.java index 77706a4199..3cc94e2782 100644 --- a/core/src/main/java/org/springframework/security/providers/ProviderManager.java +++ b/core/src/main/java/org/springframework/security/providers/ProviderManager.java @@ -200,6 +200,7 @@ public class ProviderManager extends AbstractAuthenticationManager implements In try { result = provider.authenticate(authentication); + copyDetails(authentication, result); sessionController.checkAuthenticationAllowed(result); } catch (AuthenticationException ae) { lastException = ae; @@ -252,6 +253,21 @@ public class ProviderManager extends AbstractAuthenticationManager implements In throw lastException; } + /** + * Copies the authentication details from a source Authentication object to a destination one, provided the + * latter does not already have one set. + * + * @param source source authentication + * @param dest the destination authentication object + */ + private void copyDetails(Authentication source, Authentication dest) { + if ((dest instanceof AbstractAuthenticationToken) && (dest.getDetails() == null)) { + AbstractAuthenticationToken token = (AbstractAuthenticationToken) dest; + + token.setDetails(source.getDetails()); + } + } + public List getProviders() { return this.providers; }