Examples of org.acegisecurity.userdetails.UserDetails

• org.acegisecurity.userdetails.UserDetails
  Provides core user information.

  Implementations are not used directly by Acegi Security for security purposes. They simply store user information which is later encapsulated into {@link Authentication} objects. This allows non-security related userinformation (such as email addresses, telephone numbers etc) to be stored in a convenient location.

  Concrete implementations must take particular care to ensure the non-null contract detailed for each method is enforced. See {@link org.acegisecurity.userdetails.User} for areference implementation (which you might like to extend).

  Concrete implementations should be immutable (value object semantics, like a String). This is because the UserDetails will be stored in caches and as such multiple threads may use the same instance.

  @author Ben Alex @version $Id: UserDetails.java 1784 2007-02-24 21:00:24Z luke_t $

    Assert.isInstanceOf( UsernamePasswordAuthenticationToken.class, authentication, messages .getMessage(
              "AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
    // Determine username
    String username = (authentication.getPrincipal() == null) ? "NONE_PROVIDED" : authentication.getName();
    boolean cacheWasUsed = true;
    UserDetails user = this.getUserCache().getUserFromCache(username);

    if (user == null) {
      cacheWasUsed = false;
      try {
        user = retrieveUserCustom(username, (UsernamePasswordAuthenticationToken) authentication);
      } catch (UsernameNotFoundException notFound) {
        if (hideUserNotFoundExceptions) {
          throw new BadCredentialsException( messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
        } else {
          throw notFound;
        }
      }
      Assert.notNull(user, "retrieveUser returned null - a violation of the interface contract");
    }

    if (!user.isAccountNonLocked()) {
      throw new LockedException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
    }

    if (!user.isEnabled()) {
      if (authentication instanceof CustomUsernamePasswordAuthenticationToken) {
        throw new CustomAuthenticationException("该证书绑定帐号还未启用或者已禁用！", CustomAuthenticationException.CODE_CA, -1);
      } else {
        throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
      }
    }

    if (!user.isAccountNonExpired()) {
      throw new AccountExpiredException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
    }

    // This check must come here, as we don't want to tell users
    // about account status unless they presented the correct credentials
    try {
      additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
    } catch (AuthenticationException exception) {
      // There was a problem, so try again after checking we're using
      // latest data
      cacheWasUsed = false;
      user = retrieveUserCustom(username, (UsernamePasswordAuthenticationToken) authentication);
      additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
    }

    if (!user.isCredentialsNonExpired()) {
      throw new CredentialsExpiredException(messages .getMessage( "AbstractUserDetailsAuthenticationProvider.credentialsExpired", "User credentials have expired"));
    }

    if (!cacheWasUsed) {
      this.getUserCache().putUserInCache(user);
    }

    Object principalToReturn = user;

    if (isForcePrincipalAsString()) {
      principalToReturn = user.getUsername();
    }

    return createSuccessAuthentication(principalToReturn, authentication, user);
  }

    return createSuccessAuthentication(principalToReturn, authentication, user);
  }

  protected final UserDetails retrieveUserCustom(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    UserDetails loadedUser;
    if (authentication instanceof CustomUsernamePasswordAuthenticationToken) {
      try {
        loadedUser = ((CustomJdbcDaoImpl) this.getUserDetailsService())
            .loadUserByCaid(authentication.getName());
      } catch (DataAccessException repositoryProblem) {

  public UserDetails loadUserByCaid(String caid) throws UsernameNotFoundException, DataAccessException {
    List users = usersByCaidMapping.execute(caid);
    if (users.size() == 0) {
      throw new CustomAuthenticationException("该证书未与登录帐号绑定！",CustomAuthenticationException.CODE_CA,-2);
    }
    UserDetails user = (UserDetails) users.get(0); // contains no
    // GrantedAuthority[]
    List dbAuths = customAuthoritiesByUsernameMapping.execute(new Object[]{user.getUsername(),user.getUsername(),user.getUsername()});

    addCustomAuthorities(user.getUsername(), dbAuths);

    if (dbAuths.size() == 0) {
      throw new CustomAuthenticationException("该帐号没有任何访问权限！",CustomAuthenticationException.CODE_CA,-3);
    }

    GrantedAuthority[] arrayAuths = (GrantedAuthority[]) dbAuths.toArray(new GrantedAuthority[dbAuths.size()]);
    String returnUsername = user.getUsername();

    // if (!usernameBasedPrimaryKey) {
    // returnUsername = username;
    // }

    return new User(returnUsername, user.getPassword(), user.isEnabled(),
        true, true, true, arrayAuths);
  }

  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
    List users = usersByUsernameMapping.execute(username);
    if (users.size() == 0)
      throw new UsernameNotFoundException("User not found");
    UserDetails user = (UserDetails) users.get(0);
    List dbAuths = this.customAuthoritiesByUsernameMapping.execute(new Object[]{user.getUsername(),user.getUsername(),user.getUsername()});
    addCustomAuthorities(user.getUsername(), dbAuths);
    //if (dbAuths.size() == 0)
    //  throw new UsernameNotFoundException("User has no GrantedAuthority");
    GrantedAuthority arrayAuths[] = (GrantedAuthority[]) (GrantedAuthority[]) dbAuths
        .toArray(new GrantedAuthority[dbAuths.size()]);
    String returnUsername = user.getUsername();
    if (!isUsernameBasedPrimaryKey())
      returnUsername = username;
    return new User(returnUsername, user.getPassword(), user.isEnabled(),
        true, true, true, arrayAuths);
  }

    protected Object mapRow(ResultSet rs, int rownum) throws SQLException {
      String username = rs.getString(1);
      String password = rs.getString(2);
      boolean enabled = rs.getBoolean(3);
      UserDetails user = new User(username,password,enabled,true,true,true,
          new GrantedAuthority[] { new GrantedAuthorityImpl("HOLDER") });
      return user;
    }

    public Authentication get() {
        Jenkins h = Jenkins.getInstance();
        Secret userName = Secret.decrypt(props.getProperty(getPropertyKey()));
        if (userName==null) return Jenkins.ANONYMOUS; // failed to decrypt
        try {
            UserDetails u = h.getSecurityRealm().loadUserByUsername(userName.getPlainText());
            return new UsernamePasswordAuthenticationToken(u.getUsername(), "", u.getAuthorities());
        } catch (AuthenticationException e) {
            return Jenkins.ANONYMOUS;
        } catch (DataAccessException e) {
            return Jenkins.ANONYMOUS;
        }

    public void set(Authentication a) throws IOException, InterruptedException {
        Jenkins h = Jenkins.getInstance();

        // make sure that this security realm is capable of retrieving the authentication by name,
        // as it's not required.
        UserDetails u = h.getSecurityRealm().loadUserByUsername(a.getName());
        props.setProperty(getPropertyKey(), Secret.fromString(u.getUsername()).getEncryptedValue());

        save();
    }

     *
     * @since 1.419
     */
    public Authentication impersonate() {
        try {
            UserDetails u = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(id);
            return new UsernamePasswordAuthenticationToken(u.getUsername(), "", u.getAuthorities());
        } catch (AuthenticationException e) {
            // TODO: use the stored GrantedAuthorities
            return new UsernamePasswordAuthenticationToken(id, "",
                new GrantedAuthority[]{SecurityRealm.AUTHENTICATED_AUTHORITY});
        }

        if (!(oPrincipal instanceof UserDetails)) {
            log.warn("Unsupported Principal type in Authentication. Skipping auto-registration.");
            return null;
        }

        UserDetails userDetails = (UserDetails) oPrincipal;

        String userName = userDetails.getUsername();
        String password = userDetails.getPassword();
        boolean enabled = userDetails.isEnabled();

        User ud = new User();
        ud.setId(null);
        ud.setUserName(userName);

                    password = command.channel.call(new InteractivelyAskForPassword());

                if (password==null)
                    throw new BadCredentialsException("No password specified");

                UserDetails d = AbstractPasswordBasedSecurityRealm.this.authenticate(userName, password);
                return new UsernamePasswordAuthenticationToken(d, password, d.getAuthorities());
            }
        };
    }