Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1008: UserDetailsChecker.check(UserDetails, Authentication) or UserDetailsChecker.check(UserDetails, Object authenticationDetails) (on your taste) #1260

spring-issuemaster opened this Issue Oct 14, 2008 · 1 comment


None yet
1 participant

Gerr Magnus Mes(Migrated from SEC-1008) said:

Please, add Authentication (or authenticationDetails ) parameter to UserDetailsChecker.check(..) method. I need remote address for some sort checks.

Luke Taylor said:

I think this would ultimately be a misplacement of authentication logic which should probably go in an extended AuthenticationProvider. This interface is intended for simple checking of persistent data (for locked flags etc). Changing it would break existing implementations and it is also used from situations where an Authentication object isn’t actually available.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment