Class JdbcUserDetailsManager
- java.lang.Object
-
- org.springframework.dao.support.DaoSupport
-
- org.springframework.jdbc.core.support.JdbcDaoSupport
-
- org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
-
- org.springframework.security.provisioning.JdbcUserDetailsManager
-
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.MessageSourceAware
,UserDetailsService
,GroupManager
,UserDetailsManager
public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, GroupManager
Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.Provides CRUD operations for both users and groups. Note that if the
enableAuthorities
property is set to false, calls to createUser, updateUser and deleteUser will not store the authorities from the UserDetails or delete authorities for the user. Since this class cannot differentiate between authorities which were loaded for an individual or for a group of which the individual is a member, it's important that you take this into account when using this implementation for managing your users.- Since:
- 2.0
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEF_CHANGE_PASSWORD_SQL
static java.lang.String
DEF_CREATE_USER_SQL
static java.lang.String
DEF_DELETE_GROUP_AUTHORITIES_SQL
static java.lang.String
DEF_DELETE_GROUP_AUTHORITY_SQL
static java.lang.String
DEF_DELETE_GROUP_MEMBER_SQL
static java.lang.String
DEF_DELETE_GROUP_MEMBERS_SQL
static java.lang.String
DEF_DELETE_GROUP_SQL
static java.lang.String
DEF_DELETE_USER_AUTHORITIES_SQL
static java.lang.String
DEF_DELETE_USER_SQL
static java.lang.String
DEF_FIND_GROUP_ID_SQL
static java.lang.String
DEF_FIND_GROUPS_SQL
static java.lang.String
DEF_FIND_USERS_IN_GROUP_SQL
static java.lang.String
DEF_GROUP_AUTHORITIES_QUERY_SQL
static java.lang.String
DEF_INSERT_AUTHORITY_SQL
static java.lang.String
DEF_INSERT_GROUP_AUTHORITY_SQL
static java.lang.String
DEF_INSERT_GROUP_MEMBER_SQL
static java.lang.String
DEF_INSERT_GROUP_SQL
static java.lang.String
DEF_RENAME_GROUP_SQL
static java.lang.String
DEF_UPDATE_USER_SQL
static java.lang.String
DEF_USER_EXISTS_SQL
protected org.apache.commons.logging.Log
logger
-
Fields inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
DEF_AUTHORITIES_BY_USERNAME_QUERY, DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY, DEF_USERS_BY_USERNAME_QUERY, DEFAULT_USER_SCHEMA_DDL_LOCATION, messages
-
-
Constructor Summary
Constructors Constructor Description JdbcUserDetailsManager()
JdbcUserDetailsManager(javax.sql.DataSource dataSource)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addGroupAuthority(java.lang.String groupName, GrantedAuthority authority)
Assigns a new authority to a group.void
addUserToGroup(java.lang.String username, java.lang.String groupName)
Makes a user a member of a particular group.void
changePassword(java.lang.String oldPassword, java.lang.String newPassword)
Modify the current user's password.void
createGroup(java.lang.String groupName, java.util.List<GrantedAuthority> authorities)
Creates a new group with the specified list of authorities.protected Authentication
createNewAuthentication(Authentication currentAuth, java.lang.String newPassword)
void
createUser(UserDetails user)
Create a new user with the supplied details.void
deleteGroup(java.lang.String groupName)
Removes a group, including all members and authorities.void
deleteUser(java.lang.String username)
Remove the user with the given login name from the system.java.util.List<java.lang.String>
findAllGroups()
Returns the names of all groups that this group manager controls.java.util.List<GrantedAuthority>
findGroupAuthorities(java.lang.String groupName)
Obtains the list of authorities which are assigned to a group.java.util.List<java.lang.String>
findUsersInGroup(java.lang.String groupName)
Locates the users who are members of a groupprotected void
initDao()
protected java.util.List<UserDetails>
loadUsersByUsername(java.lang.String username)
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects.void
removeGroupAuthority(java.lang.String groupName, GrantedAuthority authority)
Deletes an authority from those assigned to a groupvoid
removeUserFromGroup(java.lang.String username, java.lang.String groupName)
Deletes a user's membership of a group.void
renameGroup(java.lang.String oldName, java.lang.String newName)
Changes the name of a group without altering the assigned authorities or members.void
setAuthenticationManager(AuthenticationManager authenticationManager)
void
setChangePasswordSql(java.lang.String changePasswordSql)
void
setCreateAuthoritySql(java.lang.String createAuthoritySql)
void
setCreateUserSql(java.lang.String createUserSql)
void
setDeleteGroupAuthoritiesSql(java.lang.String deleteGroupAuthoritiesSql)
void
setDeleteGroupAuthoritySql(java.lang.String deleteGroupAuthoritySql)
void
setDeleteGroupMemberSql(java.lang.String deleteGroupMemberSql)
void
setDeleteGroupMembersSql(java.lang.String deleteGroupMembersSql)
void
setDeleteGroupSql(java.lang.String deleteGroupSql)
void
setDeleteUserAuthoritiesSql(java.lang.String deleteUserAuthoritiesSql)
void
setDeleteUserSql(java.lang.String deleteUserSql)
void
setFindAllGroupsSql(java.lang.String findAllGroupsSql)
void
setFindGroupIdSql(java.lang.String findGroupIdSql)
void
setFindUsersInGroupSql(java.lang.String findUsersInGroupSql)
void
setGroupAuthoritiesSql(java.lang.String groupAuthoritiesSql)
void
setInsertGroupAuthoritySql(java.lang.String insertGroupAuthoritySql)
void
setInsertGroupMemberSql(java.lang.String insertGroupMemberSql)
void
setInsertGroupSql(java.lang.String insertGroupSql)
void
setRenameGroupSql(java.lang.String renameGroupSql)
void
setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
Sets theSecurityContextHolderStrategy
to use.void
setUpdateUserSql(java.lang.String updateUserSql)
void
setUserCache(UserCache userCache)
Optionally sets the UserCache if one is in use in the application.void
setUserExistsSql(java.lang.String userExistsSql)
void
updateUser(UserDetails user)
Update the specified user.boolean
userExists(java.lang.String username)
Check if a user with the supplied login name exists in the system.-
Methods inherited from class org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
addCustomAuthorities, createUserDetails, getAuthoritiesByUsernameQuery, getEnableAuthorities, getEnableGroups, getMessages, getRolePrefix, getUsersByUsernameQuery, isUsernameBasedPrimaryKey, loadGroupAuthorities, loadUserAuthorities, loadUserByUsername, setAuthoritiesByUsernameQuery, setEnableAuthorities, setEnableGroups, setGroupAuthoritiesByUsernameQuery, setMessageSource, setRolePrefix, setUsernameBasedPrimaryKey, setUsersByUsernameQuery
-
Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupport
checkDaoConfig, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, initTemplateConfig, releaseConnection, setDataSource, setJdbcTemplate
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.springframework.security.core.userdetails.UserDetailsService
loadUserByUsername
-
-
-
-
Field Detail
-
DEF_CREATE_USER_SQL
public static final java.lang.String DEF_CREATE_USER_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_USER_SQL
public static final java.lang.String DEF_DELETE_USER_SQL
- See Also:
- Constant Field Values
-
DEF_UPDATE_USER_SQL
public static final java.lang.String DEF_UPDATE_USER_SQL
- See Also:
- Constant Field Values
-
DEF_INSERT_AUTHORITY_SQL
public static final java.lang.String DEF_INSERT_AUTHORITY_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_USER_AUTHORITIES_SQL
public static final java.lang.String DEF_DELETE_USER_AUTHORITIES_SQL
- See Also:
- Constant Field Values
-
DEF_USER_EXISTS_SQL
public static final java.lang.String DEF_USER_EXISTS_SQL
- See Also:
- Constant Field Values
-
DEF_CHANGE_PASSWORD_SQL
public static final java.lang.String DEF_CHANGE_PASSWORD_SQL
- See Also:
- Constant Field Values
-
DEF_FIND_GROUPS_SQL
public static final java.lang.String DEF_FIND_GROUPS_SQL
- See Also:
- Constant Field Values
-
DEF_FIND_USERS_IN_GROUP_SQL
public static final java.lang.String DEF_FIND_USERS_IN_GROUP_SQL
- See Also:
- Constant Field Values
-
DEF_INSERT_GROUP_SQL
public static final java.lang.String DEF_INSERT_GROUP_SQL
- See Also:
- Constant Field Values
-
DEF_FIND_GROUP_ID_SQL
public static final java.lang.String DEF_FIND_GROUP_ID_SQL
- See Also:
- Constant Field Values
-
DEF_INSERT_GROUP_AUTHORITY_SQL
public static final java.lang.String DEF_INSERT_GROUP_AUTHORITY_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_GROUP_SQL
public static final java.lang.String DEF_DELETE_GROUP_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_GROUP_AUTHORITIES_SQL
public static final java.lang.String DEF_DELETE_GROUP_AUTHORITIES_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_GROUP_MEMBERS_SQL
public static final java.lang.String DEF_DELETE_GROUP_MEMBERS_SQL
- See Also:
- Constant Field Values
-
DEF_RENAME_GROUP_SQL
public static final java.lang.String DEF_RENAME_GROUP_SQL
- See Also:
- Constant Field Values
-
DEF_INSERT_GROUP_MEMBER_SQL
public static final java.lang.String DEF_INSERT_GROUP_MEMBER_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_GROUP_MEMBER_SQL
public static final java.lang.String DEF_DELETE_GROUP_MEMBER_SQL
- See Also:
- Constant Field Values
-
DEF_GROUP_AUTHORITIES_QUERY_SQL
public static final java.lang.String DEF_GROUP_AUTHORITIES_QUERY_SQL
- See Also:
- Constant Field Values
-
DEF_DELETE_GROUP_AUTHORITY_SQL
public static final java.lang.String DEF_DELETE_GROUP_AUTHORITY_SQL
- See Also:
- Constant Field Values
-
logger
protected final org.apache.commons.logging.Log logger
-
-
Method Detail
-
initDao
protected void initDao() throws org.springframework.context.ApplicationContextException
- Overrides:
initDao
in classJdbcDaoImpl
- Throws:
org.springframework.context.ApplicationContextException
-
loadUsersByUsername
protected java.util.List<UserDetails> loadUsersByUsername(java.lang.String username)
Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects. There should normally only be one matching user.- Overrides:
loadUsersByUsername
in classJdbcDaoImpl
-
createUser
public void createUser(UserDetails user)
Description copied from interface:UserDetailsManager
Create a new user with the supplied details.- Specified by:
createUser
in interfaceUserDetailsManager
-
updateUser
public void updateUser(UserDetails user)
Description copied from interface:UserDetailsManager
Update the specified user.- Specified by:
updateUser
in interfaceUserDetailsManager
-
deleteUser
public void deleteUser(java.lang.String username)
Description copied from interface:UserDetailsManager
Remove the user with the given login name from the system.- Specified by:
deleteUser
in interfaceUserDetailsManager
-
changePassword
public void changePassword(java.lang.String oldPassword, java.lang.String newPassword) throws AuthenticationException
Description copied from interface:UserDetailsManager
Modify the current user's password. This should change the user's password in the persistent user repository (datbase, LDAP etc).- Specified by:
changePassword
in interfaceUserDetailsManager
- Parameters:
oldPassword
- current password (for re-authentication if required)newPassword
- the password to change to- Throws:
AuthenticationException
-
createNewAuthentication
protected Authentication createNewAuthentication(Authentication currentAuth, java.lang.String newPassword)
-
userExists
public boolean userExists(java.lang.String username)
Description copied from interface:UserDetailsManager
Check if a user with the supplied login name exists in the system.- Specified by:
userExists
in interfaceUserDetailsManager
-
findAllGroups
public java.util.List<java.lang.String> findAllGroups()
Description copied from interface:GroupManager
Returns the names of all groups that this group manager controls.- Specified by:
findAllGroups
in interfaceGroupManager
-
findUsersInGroup
public java.util.List<java.lang.String> findUsersInGroup(java.lang.String groupName)
Description copied from interface:GroupManager
Locates the users who are members of a group- Specified by:
findUsersInGroup
in interfaceGroupManager
- Parameters:
groupName
- the group whose members are required- Returns:
- the usernames of the group members
-
createGroup
public void createGroup(java.lang.String groupName, java.util.List<GrantedAuthority> authorities)
Description copied from interface:GroupManager
Creates a new group with the specified list of authorities.- Specified by:
createGroup
in interfaceGroupManager
- Parameters:
groupName
- the name for the new groupauthorities
- the authorities which are to be allocated to this group.
-
deleteGroup
public void deleteGroup(java.lang.String groupName)
Description copied from interface:GroupManager
Removes a group, including all members and authorities.- Specified by:
deleteGroup
in interfaceGroupManager
- Parameters:
groupName
- the group to remove.
-
renameGroup
public void renameGroup(java.lang.String oldName, java.lang.String newName)
Description copied from interface:GroupManager
Changes the name of a group without altering the assigned authorities or members.- Specified by:
renameGroup
in interfaceGroupManager
-
addUserToGroup
public void addUserToGroup(java.lang.String username, java.lang.String groupName)
Description copied from interface:GroupManager
Makes a user a member of a particular group.- Specified by:
addUserToGroup
in interfaceGroupManager
- Parameters:
username
- the user to be given membership.groupName
- the name of the group to which the user will be added.
-
removeUserFromGroup
public void removeUserFromGroup(java.lang.String username, java.lang.String groupName)
Description copied from interface:GroupManager
Deletes a user's membership of a group.- Specified by:
removeUserFromGroup
in interfaceGroupManager
- Parameters:
username
- the usergroupName
- the group to remove them from
-
findGroupAuthorities
public java.util.List<GrantedAuthority> findGroupAuthorities(java.lang.String groupName)
Description copied from interface:GroupManager
Obtains the list of authorities which are assigned to a group.- Specified by:
findGroupAuthorities
in interfaceGroupManager
-
removeGroupAuthority
public void removeGroupAuthority(java.lang.String groupName, GrantedAuthority authority)
Description copied from interface:GroupManager
Deletes an authority from those assigned to a group- Specified by:
removeGroupAuthority
in interfaceGroupManager
-
addGroupAuthority
public void addGroupAuthority(java.lang.String groupName, GrantedAuthority authority)
Description copied from interface:GroupManager
Assigns a new authority to a group.- Specified by:
addGroupAuthority
in interfaceGroupManager
-
setSecurityContextHolderStrategy
public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
Sets theSecurityContextHolderStrategy
to use. The default action is to use theSecurityContextHolderStrategy
stored inSecurityContextHolder
.- Since:
- 5.8
-
setAuthenticationManager
public void setAuthenticationManager(AuthenticationManager authenticationManager)
-
setCreateUserSql
public void setCreateUserSql(java.lang.String createUserSql)
-
setDeleteUserSql
public void setDeleteUserSql(java.lang.String deleteUserSql)
-
setUpdateUserSql
public void setUpdateUserSql(java.lang.String updateUserSql)
-
setCreateAuthoritySql
public void setCreateAuthoritySql(java.lang.String createAuthoritySql)
-
setDeleteUserAuthoritiesSql
public void setDeleteUserAuthoritiesSql(java.lang.String deleteUserAuthoritiesSql)
-
setUserExistsSql
public void setUserExistsSql(java.lang.String userExistsSql)
-
setChangePasswordSql
public void setChangePasswordSql(java.lang.String changePasswordSql)
-
setFindAllGroupsSql
public void setFindAllGroupsSql(java.lang.String findAllGroupsSql)
-
setFindUsersInGroupSql
public void setFindUsersInGroupSql(java.lang.String findUsersInGroupSql)
-
setInsertGroupSql
public void setInsertGroupSql(java.lang.String insertGroupSql)
-
setFindGroupIdSql
public void setFindGroupIdSql(java.lang.String findGroupIdSql)
-
setInsertGroupAuthoritySql
public void setInsertGroupAuthoritySql(java.lang.String insertGroupAuthoritySql)
-
setDeleteGroupSql
public void setDeleteGroupSql(java.lang.String deleteGroupSql)
-
setDeleteGroupAuthoritiesSql
public void setDeleteGroupAuthoritiesSql(java.lang.String deleteGroupAuthoritiesSql)
-
setDeleteGroupMembersSql
public void setDeleteGroupMembersSql(java.lang.String deleteGroupMembersSql)
-
setRenameGroupSql
public void setRenameGroupSql(java.lang.String renameGroupSql)
-
setInsertGroupMemberSql
public void setInsertGroupMemberSql(java.lang.String insertGroupMemberSql)
-
setDeleteGroupMemberSql
public void setDeleteGroupMemberSql(java.lang.String deleteGroupMemberSql)
-
setGroupAuthoritiesSql
public void setGroupAuthoritiesSql(java.lang.String groupAuthoritiesSql)
-
setDeleteGroupAuthoritySql
public void setDeleteGroupAuthoritySql(java.lang.String deleteGroupAuthoritySql)
-
setUserCache
public void setUserCache(UserCache userCache)
Optionally sets the UserCache if one is in use in the application. This allows the user to be removed from the cache after updates have taken place to avoid stale data.- Parameters:
userCache
- the cache used by the AuthenticationManager.
-
-