Class DaoX509AuthoritiesPopulator
java.lang.Object
org.springframework.ws.soap.security.x509.populator.DaoX509AuthoritiesPopulator
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.MessageSourceAware
,X509AuthoritiesPopulator
public class DaoX509AuthoritiesPopulator
extends Object
implements X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
Populates the X509 authorities via an
UserDetailsService
.
Migrated from Spring Security 2 since it has been removed in Spring Security 3.
- Version:
- $Id: DaoX509AuthoritiesPopulator.java 2544 2008-01-29 11:50:33Z luke_t $
- Author:
- Luke Taylor
-
Field Summary
Modifier and TypeFieldDescriptionprotected org.springframework.context.support.MessageSourceAccessor
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
org.springframework.security.core.userdetails.UserDetails
getUserDetails
(X509Certificate clientCert) Obtains the granted authorities for the specified user.void
setMessageSource
(org.springframework.context.MessageSource messageSource) void
setSubjectDNRegex
(String subjectDNRegex) Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.void
setUserDetailsService
(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
-
Field Details
-
messages
protected org.springframework.context.support.MessageSourceAccessor messages
-
-
Constructor Details
-
DaoX509AuthoritiesPopulator
public DaoX509AuthoritiesPopulator()
-
-
Method Details
-
afterPropertiesSet
- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
- Throws:
Exception
-
getUserDetails
public org.springframework.security.core.userdetails.UserDetails getUserDetails(X509Certificate clientCert) throws org.springframework.security.core.AuthenticationException Description copied from interface:X509AuthoritiesPopulator
Obtains the granted authorities for the specified user.May throw any
AuthenticationException
or returnnull
if the authorities are unavailable.- Specified by:
getUserDetails
in interfaceX509AuthoritiesPopulator
- Parameters:
clientCert
- the X.509 certificate supplied- Returns:
- the details of the indicated user (at minimum the granted authorities and the username)
- Throws:
org.springframework.security.core.AuthenticationException
- if the user details are not available or the certificate isn't valid for the application's purpose.
-
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource) - Specified by:
setMessageSource
in interfaceorg.springframework.context.MessageSourceAware
-
setSubjectDNRegex
Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.It should contain a single group; for example the default expression "CN=(.?)," matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
The matches are case insensitive. So "emailAddress=(.?)," will match "[email protected], CN=..." giving a user name "[email protected]"
- Parameters:
subjectDNRegex
- the regular expression to find in the subject
-
setUserDetailsService
public void setUserDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
-