SEC-158: X509 to support Authentication.isAuthenticated() as per usual contract.

2025-10-30 22:28:46 +00:00 · 2006-02-09 04:25:07 +00:00 · 2006-02-09 04:25:07 +00:00 · ae29498f75
commit ae29498f75
parent 4dd75dfced
1 changed files with 13 additions and 2 deletions
--- a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java
@ -38,20 +38,31 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken {
    //~ Constructors ===========================================================

    /**
-     * Used for an authentication request
+     * Used for an authentication request.  The {@link
+     * Authentication#isAuthenticated()} will return <code>false</code>.
     *
-     * @param credentials DOCUMENT ME!
+     * @param credentials the certificate
     */
    public X509AuthenticationToken(X509Certificate credentials) {
        super(null);
        this.credentials = credentials;
    }

+    /**
+     * Used for an authentication response object. The {@link
+     * Authentication#isAuthenticated()} will return <code>true</code>.
+     *
+     * @param principal the principal, which is generally a
+     *        <code>UserDetails</code>
+     * @param credentials the certificate
+     * @param authorities the authorities
+     */
    public X509AuthenticationToken(Object principal,
        X509Certificate credentials, GrantedAuthority[] authorities) {
        super(authorities);
        this.principal = principal;
        this.credentials = credentials;
+        setAuthenticated(true);
    }

    //~ Methods ================================================================