Examples of com.jeecms.common.security.userdetails.UserDetails

• com.jeecms.common.security.userdetails.UserDetails
  Provides core user information.

  Implementations are not used directly by Spring Security for security purposes. They simply store user information which is later encapsulated into {@link Authentication} objects. This allows non-security related userinformation (such as email addresses, telephone numbers etc) to be stored in a convenient location.

  Concrete implementations must take particular care to ensure the non-null contract detailed for each method is enforced. See {@link org.springframework.security.core.userdetails.User} for a referenceimplementation (which you might like to extend).

  Concrete implementations should be immutable (value object semantics, like a String). This is because the UserDetails will be stored in caches and as such multiple threads may use the same instance.

  @author Ben Alex @version $Id: UserDetails.java,v 1.1 2011/12/06 01:36:08 administrator Exp $

    }
    // Check the user exists.
    // Defer lookup until after expiry time checked, to possibly avoid
    // expensive database call.

    UserDetails user = getUserDetailsService().loadUser(userId,
        cookieTokens[0]);

    // Check signature of token matches remaining details.
    // Must do this after user lookup, as we need the DAO-derived password.
    // If efficiency was a major issue, just add in a UserCache
    // implementation,
    // but recall that this method is usually only called once per
    // HttpSession - if the token is valid,
    // it will cause SecurityContextHolder population, whilst if invalid,
    // will cause the cookie to be cancelled.
    String expectedTokenSignature = makeTokenSignature(tokenExpiryTime,
        user.getUsername(), user.getPassword(), user.getId());

    if (!expectedTokenSignature.equals(cookieTokens[2])) {
      throw new InvalidCookieException(
          "Cookie token[2] contained signature '" + cookieTokens[2]
              + "' but expected '" + expectedTokenSignature + "'");

      return null;
    }

    logger.debug("Remember-me cookie detected");

    UserDetails user = null;

    String[] cookieTokens;
    try {
      cookieTokens = decodeCookie(rememberMeCookie);
      user = processAutoLoginCookie(cookieTokens, request, response);