public class JdbcDaoImpl extends org.springframework.jdbc.core.support.JdbcDaoSupport implements UserDetailsService
Column |
---|
username |
password |
enabled |
Column |
---|
username |
authority |
DEF_USERS_BY_USERNAME_QUERY
and DEF_AUTHORITIES_BY_USERNAME_QUERY
).
In order to minimise backward compatibility issues, this implementation doesn't recognise the expiration of user accounts or the expiration of user credentials. However, it does recognise and honour the user enabled/disabled column. This should map to a boolean type in the result set (the SQL type will depend on the database you are using). All the other columns map to Strings.
When groups are being used, the tables "groups", "group_members" and "group_authorities" are used. See
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY
for the default query which is used to load the group authorities.
Again you can customize this by setting the groupAuthoritiesByUsernameQuery property, but the format of
the rows returned should match the default.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEF_AUTHORITIES_BY_USERNAME_QUERY |
static java.lang.String |
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY |
static java.lang.String |
DEF_USERS_BY_USERNAME_QUERY |
protected org.springframework.context.support.MessageSourceAccessor |
messages |
Constructor and Description |
---|
JdbcDaoImpl() |
Modifier and Type | Method and Description |
---|---|
protected void |
addCustomAuthorities(java.lang.String username,
java.util.List authorities)
Allows subclasses to add their own granted authorities to the list to be returned in the
User . |
protected UserDetails |
createUserDetails(java.lang.String username,
UserDetails userFromUserQuery,
GrantedAuthority[] combinedAuthorities)
Can be overridden to customize the creation of the final UserDetailsObject returnd from loadUserByUsername.
|
protected java.lang.String |
getAuthoritiesByUsernameQuery() |
protected boolean |
getEnableAuthorities() |
protected boolean |
getEnableGroups() |
protected java.lang.String |
getRolePrefix() |
java.lang.String |
getUsersByUsernameQuery() |
protected void |
initDao() |
protected boolean |
isUsernameBasedPrimaryKey() |
protected java.util.List |
loadGroupAuthorities(java.lang.String username) |
protected java.util.List |
loadUserAuthorities(java.lang.String username)
Loads authorities by executing the authoritiesByUsernameQuery.
|
UserDetails |
loadUserByUsername(java.lang.String username)
Locates the user based on the username.
|
protected java.util.List |
loadUsersByUsername(java.lang.String username)
Executes the usersByUsernameQuery and returns a list of UserDetails objects (there should normally
only be one matching user).
|
void |
setAuthoritiesByUsernameQuery(java.lang.String queryString)
Allows the default query string used to retrieve authorities based on username to be overriden, if
default table or column names need to be changed.
|
void |
setEnableAuthorities(boolean enableAuthorities)
Enables loading of authorities (roles) from the authorities table.
|
void |
setEnableGroups(boolean enableGroups)
Enables support for group authorities.
|
void |
setGroupAuthoritiesByUsernameQuery(java.lang.String queryString)
Allows the default query string used to retrieve group authorities based on username to be overriden, if
default table or column names need to be changed.
|
void |
setRolePrefix(java.lang.String rolePrefix)
Allows a default role prefix to be specified.
|
void |
setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey)
If
true (the default), indicates the getUsersByUsernameQuery() returns a username
in response to a query. |
void |
setUsersByUsernameQuery(java.lang.String usersByUsernameQueryString)
Allows the default query string used to retrieve users based on username to be overriden, if default
table or column names need to be changed.
|
public static final java.lang.String DEF_USERS_BY_USERNAME_QUERY
public static final java.lang.String DEF_AUTHORITIES_BY_USERNAME_QUERY
public static final java.lang.String DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY
protected org.springframework.context.support.MessageSourceAccessor messages
protected void addCustomAuthorities(java.lang.String username, java.util.List authorities)
User
.username
- the username, for use by finder methodsauthorities
- the current granted authorities, as populated from the authoritiesByUsername
mappingpublic java.lang.String getUsersByUsernameQuery()
protected void initDao() throws org.springframework.context.ApplicationContextException
initDao
in class org.springframework.dao.support.DaoSupport
org.springframework.context.ApplicationContextException
public UserDetails loadUserByUsername(java.lang.String username) throws UsernameNotFoundException, org.springframework.dao.DataAccessException
UserDetailsService
UserDetails
object that comes back may have a username that is of a different case than what was
actually requested..loadUserByUsername
in interface UserDetailsService
username
- the username presented to the DaoAuthenticationProvider
null
)UsernameNotFoundException
- if the user could not be found or the user has no GrantedAuthorityorg.springframework.dao.DataAccessException
- if user could not be found for a repository-specific reasonprotected java.util.List loadUsersByUsername(java.lang.String username)
protected java.util.List loadUserAuthorities(java.lang.String username)
protected java.util.List loadGroupAuthorities(java.lang.String username)
protected UserDetails createUserDetails(java.lang.String username, UserDetails userFromUserQuery, GrantedAuthority[] combinedAuthorities)
username
- the name originally passed to loadUserByUsernameuserFromUserQuery
- the object returned from the execution of thecombinedAuthorities
- the combined array of authorities from all the authority loading queries.public void setAuthoritiesByUsernameQuery(java.lang.String queryString)
DEF_AUTHORITIES_BY_USERNAME_QUERY
; when modifying this query, ensure that all returned columns are mapped
back to the same column names as in the default query.queryString
- The query string to setprotected java.lang.String getAuthoritiesByUsernameQuery()
public void setGroupAuthoritiesByUsernameQuery(java.lang.String queryString)
DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY
; when modifying this query, ensure that all returned columns are mapped
back to the same column names as in the default query.queryString
- The query string to setpublic void setRolePrefix(java.lang.String rolePrefix)
rolePrefix
- the new prefixprotected java.lang.String getRolePrefix()
public void setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey)
true
(the default), indicates the getUsersByUsernameQuery()
returns a username
in response to a query. If false
, indicates that a primary key is used instead. If set to
true
, the class will use the database-derived username in the returned UserDetails
.
If false
, the class will use the loadUserByUsername(String)
derived username in the
returned UserDetails
.usernameBasedPrimaryKey
- true
if the mapping queries return the username String
,
or false
if the mapping returns a database primary key.protected boolean isUsernameBasedPrimaryKey()
public void setUsersByUsernameQuery(java.lang.String usersByUsernameQueryString)
DEF_USERS_BY_USERNAME_QUERY
; when
modifying this query, ensure that all returned columns are mapped back to the same column names as in the
default query. If the 'enabled' column does not exist in the source db, a permanent true value for this column
may be returned by using a query similar to "SELECT username,password,'true' as enabled FROM users WHERE username = ?"
usersByUsernameQueryString
- The query string to setprotected boolean getEnableAuthorities()
public void setEnableAuthorities(boolean enableAuthorities)
protected boolean getEnableGroups()
public void setEnableGroups(boolean enableGroups)
enableGroups
-