Examples of org.acegisecurity.userdetails.UserDetails

• org.acegisecurity.userdetails.UserDetails
  Provides core user information.

  Implementations are not used directly by Acegi Security for security purposes. They simply store user information which is later encapsulated into {@link Authentication} objects. This allows non-security related userinformation (such as email addresses, telephone numbers etc) to be stored in a convenient location.

  Concrete implementations must take particular care to ensure the non-null contract detailed for each method is enforced. See {@link org.acegisecurity.userdetails.User} for areference implementation (which you might like to extend).

  Concrete implementations should be immutable (value object semantics, like a String). This is because the UserDetails will be stored in caches and as such multiple threads may use the same instance.

  @author Ben Alex @version $Id: UserDetails.java 1784 2007-02-24 21:00:24Z luke_t $

        if (users.size() == 0) {
            throw new UsernameNotFoundException("User not found");
        }

        UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[]

        List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername());

        addCustomAuthorities(user.getUsername(), dbAuths);

        if (dbAuths.size() == 0) {
            throw new UsernameNotFoundException("User has no GrantedAuthority");
        }

        GrantedAuthority[] arrayAuths = (GrantedAuthority[]) dbAuths.toArray(new GrantedAuthority[dbAuths.size()]);

        String returnUsername = user.getUsername();

        if (!usernameBasedPrimaryKey) {
            returnUsername = username;
        }

        return new User(returnUsername, user.getPassword(), user.isEnabled(), true, true, true, arrayAuths);
    }

        protected Object mapRow(ResultSet rs, int rownum)
            throws SQLException {
            String username = rs.getString(1);
            String password = rs.getString(2);
            boolean enabled = rs.getBoolean(3);
            UserDetails user = new User(username, password, enabled, true, true, true,
                    new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")});

            return user;
        }

                    "SwitchUserProcessingFilter.noOriginalAuthentication",
                    "Could not find original Authentication object"));
        }

        // get the source user details
        UserDetails originalUser = null;
        Object obj = original.getPrincipal();

        if ((obj != null) && obj instanceof UserDetails) {
            originalUser = (UserDetails) obj;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Attempt to switch to user [" + username + "]");
        }

        // load the user by name
        UserDetails targetUser = this.userDetailsService.loadUserByUsername(username);

        // user not found
        if (targetUser == null) {
            throw new UsernameNotFoundException(messages.getMessage("SwitchUserProcessingFilter.usernameNotFound",
                    new Object[] {username}, "Username {0} not found"));
        }

        // account is expired
        if (!targetUser.isAccountNonLocked()) {
            throw new LockedException(messages.getMessage("SwitchUserProcessingFilter.locked", "User account is locked"));
        }

        // user is disabled
        if (!targetUser.isEnabled()) {
            throw new DisabledException(messages.getMessage("SwitchUserProcessingFilter.disabled", "User is disabled"));
        }

        // account is expired
        if (!targetUser.isAccountNonExpired()) {
            throw new AccountExpiredException(messages.getMessage("SwitchUserProcessingFilter.expired",
                    "User account has expired"));
        }

        // credentials expired
        if (!targetUser.isCredentialsNonExpired()) {
            throw new CredentialsExpiredException(messages.getMessage("SwitchUserProcessingFilter.credentialsExpired",
                    "User credentials have expired"));
        }

        // ok, create the switch user token

            }

            // Check the user exists
            // Defer lookup until after expiry time checked, to
            // possibly avoid expensive lookup
            UserDetails userDetails = loadUserDetails(request, response, cookieTokens);

            if (userDetails == null) {
              cancelCookie(request, response, "Cookie token[0] contained username '" + cookieTokens[0]
                  + "' but was not found");
              return null;
            }

            if (!isValidUserDetails(request, response, userDetails, cookieTokens)) {
              return null;
            }

            // Check signature of token matches remaining details
            // Must do this after user lookup, as we need the
            // DAO-derived password
            // If efficiency was a major issue, just add in a
            // UserCache implementation,
            // but recall this method is usually only called one per
            // HttpSession
            // (as if the token is valid, it will cause
            // SecurityContextHolder population, whilst
            // if invalid, will cause the cookie to be cancelled)
            String expectedTokenSignature = makeTokenSignature(tokenExpiryTime, userDetails);

            if (!expectedTokenSignature.equals(cookieTokens[2])) {
              cancelCookie(request, response, "Cookie token[2] contained signature '" + cookieTokens[2]
                  + "' but expected '" + expectedTokenSignature + "'");

              return null;
            }

            // By this stage we have a valid token
            if (logger.isDebugEnabled()) {
              logger.debug("Remember-me cookie accepted");
            }

            RememberMeAuthenticationToken auth = new RememberMeAuthenticationToken(this.key, userDetails,
                userDetails.getAuthorities());
            auth.setDetails(authenticationDetailsSource.buildDetails((HttpServletRequest) request));

            return auth;
          }
          else {

    return true;
  }

  protected UserDetails loadUserDetails(HttpServletRequest request, HttpServletResponse response,
      String[] cookieTokens) {
    UserDetails userDetails = null;

    try {
      userDetails = this.userDetailsService.loadUserByUsername(cookieTokens[0]);
    }
    catch (UsernameNotFoundException notFound) {

        User user = new User();
        user.setLoginName("test");
        user.addSpaceWithRole(null, "ROLE_ADMIN");
        jtrac.storeUser(user);

        UserDetails ud = jtrac.loadUserByUsername("test");

        Set<String> set = new HashSet<String>();
        for (GrantedAuthority ga : ud.getAuthorities()) {
            set.add(ga.getAuthority());
        }

        assertEquals(1, set.size());
        assertTrue(set.contains("ROLE_ADMIN"));

        assertTrue(set.contains("ROLE_ADMIN"));

    }

    public void testDefaultAdminUserHasAdminRole() {
        UserDetails ud = jtrac.loadUserByUsername("admin");
        Set<String> set = new HashSet<String>();
        for (GrantedAuthority ga : ud.getAuthorities()) {
            set.add(ga.getAuthority());
        }
        assertEquals(1, set.size());
        assertTrue(set.contains("ROLE_ADMIN"));
    }

            logger.debug("bind failed: " + e);
            logger.debug("returning null from ldap authentication provider");
            return null;
        }
        logger.debug("user details retrieved from LDAP, now checking local database");
        UserDetails userDetails = null;
        try {
             userDetails = jtrac.loadUserByUsername(authentication.getName());
        } catch(AuthenticationException ae) { // catch just to log, then re-throw as-is
            logger.debug("ldap user not allocated to any Spaces within JTrac");
            throw ae;
        }
        return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
    }

              Authentication auth = securityContext
                  .getAuthentication();
              if (auth != null) {
                Object principal = auth.getPrincipal();
                if (principal instanceof UserDetails) {
                  UserDetails ud1 = (UserDetails) principal;
                  UserDetails ud2 = userCache
                      .getUserFromCache(ud1.getUsername());
                  if (!equalsForUser(ud1, ud2)) {
                    httpSession
                        .removeAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
                    SecurityContextHolder.clearContext();