Class JdbcUserDetailsManager
- java.lang.Object
- 
- org.springframework.dao.support.DaoSupport
- 
- org.springframework.jdbc.core.support.JdbcDaoSupport
- 
- org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
- 
- org.springframework.security.provisioning.JdbcUserDetailsManager
 
 
 
 
- 
- All Implemented Interfaces:
- org.springframework.beans.factory.Aware,- org.springframework.beans.factory.InitializingBean,- org.springframework.context.MessageSourceAware,- UserDetailsService,- GroupManager,- UserDetailsManager
 
 public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, GroupManager Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.Provides CRUD operations for both users and groups. Note that if the enableAuthoritiesproperty is set to false, calls to createUser, updateUser and deleteUser will not store the authorities from the UserDetails or delete authorities for the user. Since this class cannot differentiate between authorities which were loaded for an individual or for a group of which the individual is a member, it's important that you take this into account when using this implementation for managing your users.- Since:
- 2.0
 
- 
- 
Field SummaryFields Modifier and Type Field Description static java.lang.StringDEF_CHANGE_PASSWORD_SQLstatic java.lang.StringDEF_CREATE_USER_SQLstatic java.lang.StringDEF_DELETE_GROUP_AUTHORITIES_SQLstatic java.lang.StringDEF_DELETE_GROUP_AUTHORITY_SQLstatic java.lang.StringDEF_DELETE_GROUP_MEMBER_SQLstatic java.lang.StringDEF_DELETE_GROUP_MEMBERS_SQLstatic java.lang.StringDEF_DELETE_GROUP_SQLstatic java.lang.StringDEF_DELETE_USER_AUTHORITIES_SQLstatic java.lang.StringDEF_DELETE_USER_SQLstatic java.lang.StringDEF_FIND_GROUP_ID_SQLstatic java.lang.StringDEF_FIND_GROUPS_SQLstatic java.lang.StringDEF_FIND_USERS_IN_GROUP_SQLstatic java.lang.StringDEF_GROUP_AUTHORITIES_QUERY_SQLstatic java.lang.StringDEF_INSERT_AUTHORITY_SQLstatic java.lang.StringDEF_INSERT_GROUP_AUTHORITY_SQLstatic java.lang.StringDEF_INSERT_GROUP_MEMBER_SQLstatic java.lang.StringDEF_INSERT_GROUP_SQLstatic java.lang.StringDEF_RENAME_GROUP_SQLstatic java.lang.StringDEF_UPDATE_USER_SQLstatic java.lang.StringDEF_USER_EXISTS_SQLprotected org.apache.commons.logging.Loglogger- 
Fields inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImplDEF_AUTHORITIES_BY_USERNAME_QUERY, DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY, DEF_USERS_BY_USERNAME_QUERY, DEFAULT_USER_SCHEMA_DDL_LOCATION, messages
 
- 
 - 
Constructor SummaryConstructors Constructor Description JdbcUserDetailsManager()JdbcUserDetailsManager(javax.sql.DataSource dataSource)
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddGroupAuthority(java.lang.String groupName, GrantedAuthority authority)Assigns a new authority to a group.voidaddUserToGroup(java.lang.String username, java.lang.String groupName)Makes a user a member of a particular group.voidchangePassword(java.lang.String oldPassword, java.lang.String newPassword)Modify the current user's password.voidcreateGroup(java.lang.String groupName, java.util.List<GrantedAuthority> authorities)Creates a new group with the specified list of authorities.protected AuthenticationcreateNewAuthentication(Authentication currentAuth, java.lang.String newPassword)voidcreateUser(UserDetails user)Create a new user with the supplied details.voiddeleteGroup(java.lang.String groupName)Removes a group, including all members and authorities.voiddeleteUser(java.lang.String username)Remove the user with the given login name from the system.java.util.List<java.lang.String>findAllGroups()Returns the names of all groups that this group manager controls.java.util.List<GrantedAuthority>findGroupAuthorities(java.lang.String groupName)Obtains the list of authorities which are assigned to a group.java.util.List<java.lang.String>findUsersInGroup(java.lang.String groupName)Locates the users who are members of a groupprotected voidinitDao()protected java.util.List<UserDetails>loadUsersByUsername(java.lang.String username)Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.voidremoveGroupAuthority(java.lang.String groupName, GrantedAuthority authority)Deletes an authority from those assigned to a groupvoidremoveUserFromGroup(java.lang.String username, java.lang.String groupName)Deletes a user's membership of a group.voidrenameGroup(java.lang.String oldName, java.lang.String newName)Changes the name of a group without altering the assigned authorities or members.voidsetAuthenticationManager(AuthenticationManager authenticationManager)voidsetChangePasswordSql(java.lang.String changePasswordSql)voidsetCreateAuthoritySql(java.lang.String createAuthoritySql)voidsetCreateUserSql(java.lang.String createUserSql)voidsetDeleteGroupAuthoritiesSql(java.lang.String deleteGroupAuthoritiesSql)voidsetDeleteGroupAuthoritySql(java.lang.String deleteGroupAuthoritySql)voidsetDeleteGroupMemberSql(java.lang.String deleteGroupMemberSql)voidsetDeleteGroupMembersSql(java.lang.String deleteGroupMembersSql)voidsetDeleteGroupSql(java.lang.String deleteGroupSql)voidsetDeleteUserAuthoritiesSql(java.lang.String deleteUserAuthoritiesSql)voidsetDeleteUserSql(java.lang.String deleteUserSql)voidsetFindAllGroupsSql(java.lang.String findAllGroupsSql)voidsetFindGroupIdSql(java.lang.String findGroupIdSql)voidsetFindUsersInGroupSql(java.lang.String findUsersInGroupSql)voidsetGroupAuthoritiesSql(java.lang.String groupAuthoritiesSql)voidsetInsertGroupAuthoritySql(java.lang.String insertGroupAuthoritySql)voidsetInsertGroupMemberSql(java.lang.String insertGroupMemberSql)voidsetInsertGroupSql(java.lang.String insertGroupSql)voidsetRenameGroupSql(java.lang.String renameGroupSql)voidsetUpdateUserSql(java.lang.String updateUserSql)voidsetUserCache(UserCache userCache)Optionally sets the UserCache if one is in use in the application.voidsetUserExistsSql(java.lang.String userExistsSql)voidupdateUser(UserDetails user)Update the specified user.booleanuserExists(java.lang.String username)Check if a user with the supplied login name exists in the system.- 
Methods inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpladdCustomAuthorities, createUserDetails, getAuthoritiesByUsernameQuery, getEnableAuthorities, getEnableGroups, getMessages, getRolePrefix, getUsersByUsernameQuery, isUsernameBasedPrimaryKey, loadGroupAuthorities, loadUserAuthorities, loadUserByUsername, setAuthoritiesByUsernameQuery, setEnableAuthorities, setEnableGroups, setGroupAuthoritiesByUsernameQuery, setMessageSource, setRolePrefix, setUsernameBasedPrimaryKey, setUsersByUsernameQuery
 - 
Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupportcheckDaoConfig, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, initTemplateConfig, releaseConnection, setDataSource, setJdbcTemplate
 - 
Methods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 - 
Methods inherited from interface org.springframework.security.core.userdetails.UserDetailsServiceloadUserByUsername
 
- 
 
- 
- 
- 
Field Detail- 
DEF_CREATE_USER_SQLpublic static final java.lang.String DEF_CREATE_USER_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_USER_SQLpublic static final java.lang.String DEF_DELETE_USER_SQL - See Also:
- Constant Field Values
 
 - 
DEF_UPDATE_USER_SQLpublic static final java.lang.String DEF_UPDATE_USER_SQL - See Also:
- Constant Field Values
 
 - 
DEF_INSERT_AUTHORITY_SQLpublic static final java.lang.String DEF_INSERT_AUTHORITY_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_USER_AUTHORITIES_SQLpublic static final java.lang.String DEF_DELETE_USER_AUTHORITIES_SQL - See Also:
- Constant Field Values
 
 - 
DEF_USER_EXISTS_SQLpublic static final java.lang.String DEF_USER_EXISTS_SQL - See Also:
- Constant Field Values
 
 - 
DEF_CHANGE_PASSWORD_SQLpublic static final java.lang.String DEF_CHANGE_PASSWORD_SQL - See Also:
- Constant Field Values
 
 - 
DEF_FIND_GROUPS_SQLpublic static final java.lang.String DEF_FIND_GROUPS_SQL - See Also:
- Constant Field Values
 
 - 
DEF_FIND_USERS_IN_GROUP_SQLpublic static final java.lang.String DEF_FIND_USERS_IN_GROUP_SQL - See Also:
- Constant Field Values
 
 - 
DEF_INSERT_GROUP_SQLpublic static final java.lang.String DEF_INSERT_GROUP_SQL - See Also:
- Constant Field Values
 
 - 
DEF_FIND_GROUP_ID_SQLpublic static final java.lang.String DEF_FIND_GROUP_ID_SQL - See Also:
- Constant Field Values
 
 - 
DEF_INSERT_GROUP_AUTHORITY_SQLpublic static final java.lang.String DEF_INSERT_GROUP_AUTHORITY_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_GROUP_SQLpublic static final java.lang.String DEF_DELETE_GROUP_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_GROUP_AUTHORITIES_SQLpublic static final java.lang.String DEF_DELETE_GROUP_AUTHORITIES_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_GROUP_MEMBERS_SQLpublic static final java.lang.String DEF_DELETE_GROUP_MEMBERS_SQL - See Also:
- Constant Field Values
 
 - 
DEF_RENAME_GROUP_SQLpublic static final java.lang.String DEF_RENAME_GROUP_SQL - See Also:
- Constant Field Values
 
 - 
DEF_INSERT_GROUP_MEMBER_SQLpublic static final java.lang.String DEF_INSERT_GROUP_MEMBER_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_GROUP_MEMBER_SQLpublic static final java.lang.String DEF_DELETE_GROUP_MEMBER_SQL - See Also:
- Constant Field Values
 
 - 
DEF_GROUP_AUTHORITIES_QUERY_SQLpublic static final java.lang.String DEF_GROUP_AUTHORITIES_QUERY_SQL - See Also:
- Constant Field Values
 
 - 
DEF_DELETE_GROUP_AUTHORITY_SQLpublic static final java.lang.String DEF_DELETE_GROUP_AUTHORITY_SQL - See Also:
- Constant Field Values
 
 - 
loggerprotected final org.apache.commons.logging.Log logger 
 
- 
 - 
Method Detail- 
initDaoprotected void initDao() throws org.springframework.context.ApplicationContextException- Overrides:
- initDaoin class- JdbcDaoImpl
- Throws:
- org.springframework.context.ApplicationContextException
 
 - 
loadUsersByUsernameprotected java.util.List<UserDetails> loadUsersByUsername(java.lang.String username) Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects. There should normally only be one matching user.- Overrides:
- loadUsersByUsernamein class- JdbcDaoImpl
 
 - 
createUserpublic void createUser(UserDetails user) Description copied from interface:UserDetailsManagerCreate a new user with the supplied details.- Specified by:
- createUserin interface- UserDetailsManager
 
 - 
updateUserpublic void updateUser(UserDetails user) Description copied from interface:UserDetailsManagerUpdate the specified user.- Specified by:
- updateUserin interface- UserDetailsManager
 
 - 
deleteUserpublic void deleteUser(java.lang.String username) Description copied from interface:UserDetailsManagerRemove the user with the given login name from the system.- Specified by:
- deleteUserin interface- UserDetailsManager
 
 - 
changePasswordpublic void changePassword(java.lang.String oldPassword, java.lang.String newPassword) throws AuthenticationExceptionDescription copied from interface:UserDetailsManagerModify the current user's password. This should change the user's password in the persistent user repository (datbase, LDAP etc).- Specified by:
- changePasswordin interface- UserDetailsManager
- Parameters:
- oldPassword- current password (for re-authentication if required)
- newPassword- the password to change to
- Throws:
- AuthenticationException
 
 - 
createNewAuthenticationprotected Authentication createNewAuthentication(Authentication currentAuth, java.lang.String newPassword) 
 - 
userExistspublic boolean userExists(java.lang.String username) Description copied from interface:UserDetailsManagerCheck if a user with the supplied login name exists in the system.- Specified by:
- userExistsin interface- UserDetailsManager
 
 - 
findAllGroupspublic java.util.List<java.lang.String> findAllGroups() Description copied from interface:GroupManagerReturns the names of all groups that this group manager controls.- Specified by:
- findAllGroupsin interface- GroupManager
 
 - 
findUsersInGrouppublic java.util.List<java.lang.String> findUsersInGroup(java.lang.String groupName) Description copied from interface:GroupManagerLocates the users who are members of a group- Specified by:
- findUsersInGroupin interface- GroupManager
- Parameters:
- groupName- the group whose members are required
- Returns:
- the usernames of the group members
 
 - 
createGrouppublic void createGroup(java.lang.String groupName, java.util.List<GrantedAuthority> authorities)Description copied from interface:GroupManagerCreates a new group with the specified list of authorities.- Specified by:
- createGroupin interface- GroupManager
- Parameters:
- groupName- the name for the new group
- authorities- the authorities which are to be allocated to this group.
 
 - 
deleteGrouppublic void deleteGroup(java.lang.String groupName) Description copied from interface:GroupManagerRemoves a group, including all members and authorities.- Specified by:
- deleteGroupin interface- GroupManager
- Parameters:
- groupName- the group to remove.
 
 - 
renameGrouppublic void renameGroup(java.lang.String oldName, java.lang.String newName)Description copied from interface:GroupManagerChanges the name of a group without altering the assigned authorities or members.- Specified by:
- renameGroupin interface- GroupManager
 
 - 
addUserToGrouppublic void addUserToGroup(java.lang.String username, java.lang.String groupName)Description copied from interface:GroupManagerMakes a user a member of a particular group.- Specified by:
- addUserToGroupin interface- GroupManager
- Parameters:
- username- the user to be given membership.
- groupName- the name of the group to which the user will be added.
 
 - 
removeUserFromGrouppublic void removeUserFromGroup(java.lang.String username, java.lang.String groupName)Description copied from interface:GroupManagerDeletes a user's membership of a group.- Specified by:
- removeUserFromGroupin interface- GroupManager
- Parameters:
- username- the user
- groupName- the group to remove them from
 
 - 
findGroupAuthoritiespublic java.util.List<GrantedAuthority> findGroupAuthorities(java.lang.String groupName) Description copied from interface:GroupManagerObtains the list of authorities which are assigned to a group.- Specified by:
- findGroupAuthoritiesin interface- GroupManager
 
 - 
removeGroupAuthoritypublic void removeGroupAuthority(java.lang.String groupName, GrantedAuthority authority)Description copied from interface:GroupManagerDeletes an authority from those assigned to a group- Specified by:
- removeGroupAuthorityin interface- GroupManager
 
 - 
addGroupAuthoritypublic void addGroupAuthority(java.lang.String groupName, GrantedAuthority authority)Description copied from interface:GroupManagerAssigns a new authority to a group.- Specified by:
- addGroupAuthorityin interface- GroupManager
 
 - 
setAuthenticationManagerpublic void setAuthenticationManager(AuthenticationManager authenticationManager) 
 - 
setCreateUserSqlpublic void setCreateUserSql(java.lang.String createUserSql) 
 - 
setDeleteUserSqlpublic void setDeleteUserSql(java.lang.String deleteUserSql) 
 - 
setUpdateUserSqlpublic void setUpdateUserSql(java.lang.String updateUserSql) 
 - 
setCreateAuthoritySqlpublic void setCreateAuthoritySql(java.lang.String createAuthoritySql) 
 - 
setDeleteUserAuthoritiesSqlpublic void setDeleteUserAuthoritiesSql(java.lang.String deleteUserAuthoritiesSql) 
 - 
setUserExistsSqlpublic void setUserExistsSql(java.lang.String userExistsSql) 
 - 
setChangePasswordSqlpublic void setChangePasswordSql(java.lang.String changePasswordSql) 
 - 
setFindAllGroupsSqlpublic void setFindAllGroupsSql(java.lang.String findAllGroupsSql) 
 - 
setFindUsersInGroupSqlpublic void setFindUsersInGroupSql(java.lang.String findUsersInGroupSql) 
 - 
setInsertGroupSqlpublic void setInsertGroupSql(java.lang.String insertGroupSql) 
 - 
setFindGroupIdSqlpublic void setFindGroupIdSql(java.lang.String findGroupIdSql) 
 - 
setInsertGroupAuthoritySqlpublic void setInsertGroupAuthoritySql(java.lang.String insertGroupAuthoritySql) 
 - 
setDeleteGroupSqlpublic void setDeleteGroupSql(java.lang.String deleteGroupSql) 
 - 
setDeleteGroupAuthoritiesSqlpublic void setDeleteGroupAuthoritiesSql(java.lang.String deleteGroupAuthoritiesSql) 
 - 
setDeleteGroupMembersSqlpublic void setDeleteGroupMembersSql(java.lang.String deleteGroupMembersSql) 
 - 
setRenameGroupSqlpublic void setRenameGroupSql(java.lang.String renameGroupSql) 
 - 
setInsertGroupMemberSqlpublic void setInsertGroupMemberSql(java.lang.String insertGroupMemberSql) 
 - 
setDeleteGroupMemberSqlpublic void setDeleteGroupMemberSql(java.lang.String deleteGroupMemberSql) 
 - 
setGroupAuthoritiesSqlpublic void setGroupAuthoritiesSql(java.lang.String groupAuthoritiesSql) 
 - 
setDeleteGroupAuthoritySqlpublic void setDeleteGroupAuthoritySql(java.lang.String deleteGroupAuthoritySql) 
 - 
setUserCachepublic void setUserCache(UserCache userCache) Optionally sets the UserCache if one is in use in the application. This allows the user to be removed from the cache after updates have taken place to avoid stale data.- Parameters:
- userCache- the cache used by the AuthenticationManager.
 
 
- 
 
-