Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

javadoc

This commit is contained in:
Luke Taylor 2009-08-10 12:10:04 +00:00
parent d65b1b3581
commit 972cd0a53c
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/src/main/java/org/springframework/security/authentication/AuthenticationTrustResolver.java
View File

@ -29,8 +29,8 @@ public interface AuthenticationTrustResolver {
/**
* Indicates whether the passed <code>Authentication</code> token represents an anonymous user. Typically
* the framework will call this method if it is trying to decide whether an <code>AccessDeniedException</code>
* should result in a final rejection (ie as would be the case if the principal was non-anonymous/fully
* authenticated) or direct the principal to attempt actual authentication (ie as would be the case if the
* should result in a final rejection (i.e. as would be the case if the principal was non-anonymous/fully
* authenticated) or direct the principal to attempt actual authentication (i.e. as would be the case if the
* <code>Authentication</code> was merely anonymous).
*
* @param authentication to test (may be <code>null</code> in which case the method will always return
@ -43,10 +43,11 @@ public interface AuthenticationTrustResolver {
/**
* Indicates whether the passed <code>Authentication</code> token represents user that has been remembered
* (ie not a user that has been fully authenticated).<p><b>No part of the framework uses this method</b>,
* as it is a weak definition of trust levels. The method is provided simply to assist with custom
* <code>AccessDecisionVoter</code>s and the like that you might develop. Of course, you don't need to use this
* method either and can develop your own "trust level" hierarchy instead.</p>
* (i.e. not a user that has been fully authenticated).
* <p>
* The method is provided to assist with custom <code>AccessDecisionVoter</code>s and the like that you
* might develop. Of course, you don't need to use this method either and can develop your own "trust level"
* hierarchy instead.
*
* @param authentication to test (may be <code>null</code> in which case the method will always return
* <code>false</code>)