org.springframework.security.provisioning

Class JdbcUserDetailsManager

java.lang.Object

org.springframework.dao.support.DaoSupport

org.springframework.jdbc.core.support.JdbcDaoSupport

org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl

org.springframework.security.provisioning.JdbcUserDetailsManager

All Implemented Interfaces:

InitializingBean, UserDetailsService, GroupManager, UserDetailsManager

public class JdbcUserDetailsManager
extends JdbcDaoImpl
implements UserDetailsManager, GroupManager

Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.

Provides CRUD operations for both users and groups. Note that if the enableAuthorities property is set to false, calls to createUser, updateUser and deleteUser will not store the authorities from the UserDetails or delete authorities for the user. Since this class cannot differentiate between authorities which were loaded for an individual or for a group of which the individual is a member, it's important that you take this into account when using this implementation for managing your users.

Since:

2.0

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEF_CHANGE_PASSWORD_SQL
static String	DEF_CREATE_USER_SQL
static String	DEF_DELETE_GROUP_AUTHORITIES_SQL
static String	DEF_DELETE_GROUP_AUTHORITY_SQL
static String	DEF_DELETE_GROUP_MEMBER_SQL
static String	DEF_DELETE_GROUP_MEMBERS_SQL
static String	DEF_DELETE_GROUP_SQL
static String	DEF_DELETE_USER_AUTHORITIES_SQL
static String	DEF_DELETE_USER_SQL
static String	DEF_FIND_GROUP_ID_SQL
static String	DEF_FIND_GROUPS_SQL
static String	DEF_FIND_USERS_IN_GROUP_SQL
static String	DEF_GROUP_AUTHORITIES_QUERY_SQL
static String	DEF_INSERT_AUTHORITY_SQL
static String	DEF_INSERT_GROUP_AUTHORITY_SQL
static String	DEF_INSERT_GROUP_MEMBER_SQL
static String	DEF_INSERT_GROUP_SQL
static String	DEF_RENAME_GROUP_SQL
static String	DEF_UPDATE_USER_SQL
static String	DEF_USER_EXISTS_SQL
protected org.apache.commons.logging.Log	logger

Fields inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl

DEF_AUTHORITIES_BY_USERNAME_QUERY, DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY, DEF_USERS_BY_USERNAME_QUERY, messages

Constructor Summary

Constructors

Constructor and Description
JdbcUserDetailsManager()

Method Summary

Methods

Modifier and Type	Method and Description
void	addGroupAuthority(String groupName, GrantedAuthority authority) Assigns a new authority to a group.
void	addUserToGroup(String username, String groupName) Makes a user a member of a particular group.
void	changePassword(String oldPassword, String newPassword) Modify the current user's password.
void	createGroup(String groupName, List<GrantedAuthority> authorities) Creates a new group with the specified list of authorities.
protected Authentication	createNewAuthentication(Authentication currentAuth, String newPassword)
void	createUser(UserDetails user) Create a new user with the supplied details.
void	deleteGroup(String groupName) Removes a group, including all members and authorities.
void	deleteUser(String username) Remove the user with the given login name from the system.
List<String>	findAllGroups() Returns the names of all groups that this group manager controls.
List<GrantedAuthority>	findGroupAuthorities(String groupName) Obtains the list of authorities which are assigned to a group.
List<String>	findUsersInGroup(String groupName) Locates the users who are members of a group
protected void	initDao()
void	removeGroupAuthority(String groupName, GrantedAuthority authority) Deletes an authority from those assigned to a group
void	removeUserFromGroup(String username, String groupName) Deletes a user's membership of a group.
void	renameGroup(String oldName, String newName) Changes the name of a group without altering the assigned authorities or members.
void	setAuthenticationManager(AuthenticationManager authenticationManager)
void	setChangePasswordSql(String changePasswordSql)
void	setCreateAuthoritySql(String createAuthoritySql)
void	setCreateUserSql(String createUserSql)
void	setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql)
void	setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql)
void	setDeleteGroupMemberSql(String deleteGroupMemberSql)
void	setDeleteGroupMembersSql(String deleteGroupMembersSql)
void	setDeleteGroupSql(String deleteGroupSql)
void	setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql)
void	setDeleteUserSql(String deleteUserSql)
void	setFindAllGroupsSql(String findAllGroupsSql)
void	setFindGroupIdSql(String findGroupIdSql)
void	setFindUsersInGroupSql(String findUsersInGroupSql)
void	setGroupAuthoritiesSql(String groupAuthoritiesSql)
void	setInsertGroupAuthoritySql(String insertGroupAuthoritySql)
void	setInsertGroupMemberSql(String insertGroupMemberSql)
void	setInsertGroupSql(String insertGroupSql)
void	setRenameGroupSql(String renameGroupSql)
void	setUpdateUserSql(String updateUserSql)
void	setUserCache(UserCache userCache) Optionally sets the UserCache if one is in use in the application.
void	setUserExistsSql(String userExistsSql)
void	updateUser(UserDetails user) Update the specified user.
boolean	userExists(String username) Check if a user with the supplied login name exists in the system.

Methods inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl

addCustomAuthorities, createUserDetails, getAuthoritiesByUsernameQuery, getEnableAuthorities, getEnableGroups, getRolePrefix, getUsersByUsernameQuery, isUsernameBasedPrimaryKey, loadGroupAuthorities, loadUserAuthorities, loadUserByUsername, loadUsersByUsername, setAuthoritiesByUsernameQuery, setEnableAuthorities, setEnableGroups, setGroupAuthoritiesByUsernameQuery, setRolePrefix, setUsernameBasedPrimaryKey, setUsersByUsernameQuery

Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupport

checkDaoConfig, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, initTemplateConfig, releaseConnection, setDataSource, setJdbcTemplate

Methods inherited from class org.springframework.dao.support.DaoSupport

afterPropertiesSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.core.userdetails.UserDetailsService

loadUserByUsername

Field Detail

DEF_CREATE_USER_SQL

public static final String DEF_CREATE_USER_SQL

See Also:

Constant Field Values

DEF_DELETE_USER_SQL

public static final String DEF_DELETE_USER_SQL

See Also:

Constant Field Values

DEF_UPDATE_USER_SQL

public static final String DEF_UPDATE_USER_SQL

See Also:

Constant Field Values

DEF_INSERT_AUTHORITY_SQL

public static final String DEF_INSERT_AUTHORITY_SQL

See Also:

Constant Field Values

DEF_DELETE_USER_AUTHORITIES_SQL

public static final String DEF_DELETE_USER_AUTHORITIES_SQL

See Also:

Constant Field Values

DEF_USER_EXISTS_SQL

public static final String DEF_USER_EXISTS_SQL

See Also:

Constant Field Values

DEF_CHANGE_PASSWORD_SQL

public static final String DEF_CHANGE_PASSWORD_SQL

See Also:

Constant Field Values

DEF_FIND_GROUPS_SQL

public static final String DEF_FIND_GROUPS_SQL

See Also:

Constant Field Values

DEF_FIND_USERS_IN_GROUP_SQL

public static final String DEF_FIND_USERS_IN_GROUP_SQL

See Also:

Constant Field Values

DEF_INSERT_GROUP_SQL

public static final String DEF_INSERT_GROUP_SQL

See Also:

Constant Field Values

DEF_FIND_GROUP_ID_SQL

public static final String DEF_FIND_GROUP_ID_SQL

See Also:

Constant Field Values

DEF_INSERT_GROUP_AUTHORITY_SQL

public static final String DEF_INSERT_GROUP_AUTHORITY_SQL

See Also:

Constant Field Values

DEF_DELETE_GROUP_SQL

public static final String DEF_DELETE_GROUP_SQL

See Also:

Constant Field Values

DEF_DELETE_GROUP_AUTHORITIES_SQL

public static final String DEF_DELETE_GROUP_AUTHORITIES_SQL

See Also:

Constant Field Values

DEF_DELETE_GROUP_MEMBERS_SQL

public static final String DEF_DELETE_GROUP_MEMBERS_SQL

See Also:

Constant Field Values

DEF_RENAME_GROUP_SQL

public static final String DEF_RENAME_GROUP_SQL

See Also:

Constant Field Values

DEF_INSERT_GROUP_MEMBER_SQL

public static final String DEF_INSERT_GROUP_MEMBER_SQL

See Also:

Constant Field Values

DEF_DELETE_GROUP_MEMBER_SQL

public static final String DEF_DELETE_GROUP_MEMBER_SQL

See Also:

Constant Field Values

DEF_GROUP_AUTHORITIES_QUERY_SQL

public static final String DEF_GROUP_AUTHORITIES_QUERY_SQL

See Also:

Constant Field Values

DEF_DELETE_GROUP_AUTHORITY_SQL

public static final String DEF_DELETE_GROUP_AUTHORITY_SQL

See Also:

Constant Field Values

logger

protected final org.apache.commons.logging.Log logger

Constructor Detail

JdbcUserDetailsManager

public JdbcUserDetailsManager()

Method Detail

initDao

protected void initDao()
                throws ApplicationContextException

Overrides:

initDao in class JdbcDaoImpl

Throws:

ApplicationContextException

createUser

public void createUser(UserDetails user)

Description copied from interface: UserDetailsManager

Create a new user with the supplied details.

Specified by:

createUser in interface UserDetailsManager

updateUser

public void updateUser(UserDetails user)

Description copied from interface: UserDetailsManager

Update the specified user.

Specified by:

updateUser in interface UserDetailsManager

deleteUser

public void deleteUser(String username)

Description copied from interface: UserDetailsManager

Remove the user with the given login name from the system.

Specified by:

deleteUser in interface UserDetailsManager

changePassword

public void changePassword(String oldPassword,
                  String newPassword)
                    throws AuthenticationException

Description copied from interface: UserDetailsManager

Modify the current user's password. This should change the user's password in the persistent user repository (datbase, LDAP etc).

Specified by:

changePassword in interface UserDetailsManager

Parameters:

oldPassword - current password (for re-authentication if required)

newPassword - the password to change to

Throws:

AuthenticationException

createNewAuthentication

protected Authentication createNewAuthentication(Authentication currentAuth,
                                     String newPassword)

userExists

public boolean userExists(String username)

Description copied from interface: UserDetailsManager

Check if a user with the supplied login name exists in the system.

Specified by:

userExists in interface UserDetailsManager

findAllGroups

public List<String> findAllGroups()

Description copied from interface: GroupManager

Returns the names of all groups that this group manager controls.

Specified by:

findAllGroups in interface GroupManager

findUsersInGroup

public List<String> findUsersInGroup(String groupName)

Description copied from interface: GroupManager

Locates the users who are members of a group

Specified by:

findUsersInGroup in interface GroupManager

Parameters:

groupName - the group whose members are required

Returns:

the usernames of the group members

createGroup

public void createGroup(String groupName,
               List<GrantedAuthority> authorities)

Description copied from interface: GroupManager

Creates a new group with the specified list of authorities.

Specified by:

createGroup in interface GroupManager

Parameters:

groupName - the name for the new group

authorities - the authorities which are to be allocated to this group.

deleteGroup

public void deleteGroup(String groupName)

Description copied from interface: GroupManager

Removes a group, including all members and authorities.

Specified by:

deleteGroup in interface GroupManager

Parameters:

groupName - the group to remove.

renameGroup

public void renameGroup(String oldName,
               String newName)

Description copied from interface: GroupManager

Changes the name of a group without altering the assigned authorities or members.

Specified by:

renameGroup in interface GroupManager

addUserToGroup

public void addUserToGroup(String username,
                  String groupName)

Description copied from interface: GroupManager

Makes a user a member of a particular group.

Specified by:

addUserToGroup in interface GroupManager

Parameters:

username - the user to be given membership.

groupName - the name of the group to which the user will be added.

removeUserFromGroup

public void removeUserFromGroup(String username,
                       String groupName)

Description copied from interface: GroupManager

Deletes a user's membership of a group.

Specified by:

removeUserFromGroup in interface GroupManager

Parameters:

username - the user

groupName - the group to remove them from

findGroupAuthorities

public List<GrantedAuthority> findGroupAuthorities(String groupName)

Description copied from interface: GroupManager

Obtains the list of authorities which are assigned to a group.

Specified by:

findGroupAuthorities in interface GroupManager

removeGroupAuthority

public void removeGroupAuthority(String groupName,
                        GrantedAuthority authority)

Description copied from interface: GroupManager

Deletes an authority from those assigned to a group

Specified by:

removeGroupAuthority in interface GroupManager

addGroupAuthority

public void addGroupAuthority(String groupName,
                     GrantedAuthority authority)

Description copied from interface: GroupManager

Assigns a new authority to a group.

Specified by:

addGroupAuthority in interface GroupManager

setAuthenticationManager

public void setAuthenticationManager(AuthenticationManager authenticationManager)

setCreateUserSql

public void setCreateUserSql(String createUserSql)

setDeleteUserSql

public void setDeleteUserSql(String deleteUserSql)

setUpdateUserSql

public void setUpdateUserSql(String updateUserSql)

setCreateAuthoritySql

public void setCreateAuthoritySql(String createAuthoritySql)

setDeleteUserAuthoritiesSql

public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql)

setUserExistsSql

public void setUserExistsSql(String userExistsSql)

setChangePasswordSql

public void setChangePasswordSql(String changePasswordSql)

setFindAllGroupsSql

public void setFindAllGroupsSql(String findAllGroupsSql)

setFindUsersInGroupSql

public void setFindUsersInGroupSql(String findUsersInGroupSql)

setInsertGroupSql

public void setInsertGroupSql(String insertGroupSql)

setFindGroupIdSql

public void setFindGroupIdSql(String findGroupIdSql)

setInsertGroupAuthoritySql

public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql)

setDeleteGroupSql

public void setDeleteGroupSql(String deleteGroupSql)

setDeleteGroupAuthoritiesSql

public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql)

setDeleteGroupMembersSql

public void setDeleteGroupMembersSql(String deleteGroupMembersSql)

setRenameGroupSql

public void setRenameGroupSql(String renameGroupSql)

setInsertGroupMemberSql

public void setInsertGroupMemberSql(String insertGroupMemberSql)

setDeleteGroupMemberSql

public void setDeleteGroupMemberSql(String deleteGroupMemberSql)

setGroupAuthoritiesSql

public void setGroupAuthoritiesSql(String groupAuthoritiesSql)

setDeleteGroupAuthoritySql

public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql)

setUserCache

public void setUserCache(UserCache userCache)

Optionally sets the UserCache if one is in use in the application. This allows the user to be removed from the cache after updates have taken place to avoid stale data.

Parameters:

userCache - the cache used by the AuthenticationManager.