Package org.springframework.security.provisioning

Class JdbcUserDetailsManager

java.lang.Object
org.springframework.dao.support.DaoSupport
org.springframework.jdbc.core.support.JdbcDaoSupport
org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl
org.springframework.security.provisioning.JdbcUserDetailsManager
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, UserDetailsService, GroupManager, UserDetailsManager
public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, GroupManager
Jdbc user management service, based on the same table structure as its parent class, JdbcDaoImpl.

Provides CRUD operations for both users and groups. Note that if the enableAuthorities property is set to false, calls to createUser, updateUser and deleteUser will not store the authorities from the UserDetails or delete authorities for the user. Since this class cannot differentiate between authorities which were loaded for an individual or for a group of which the individual is a member, it's important that you take this into account when using this implementation for managing your users.

Since:
2.0

  • Field Details

  • Constructor Details

    • JdbcUserDetailsManager

      public JdbcUserDetailsManager()

    • JdbcUserDetailsManager

      public JdbcUserDetailsManager(DataSource dataSource)

  • Method Details

    • setUserDetailsMapper

      public void setUserDetailsMapper(org.springframework.jdbc.core.RowMapper<UserDetails> mapper)
      Sets the RowMapper to convert each user result row into a UserDetails object. The default mapper expects columns with names like 'username', 'password', 'enabled', etc., and maps them directly to the corresponding UserDetails properties.
      Parameters:
      mapper - the RowMapper to use for mapping rows in the database, must not be null
      Since:
      6.5

    • setGrantedAuthorityMapper

      public void setGrantedAuthorityMapper(org.springframework.jdbc.core.RowMapper<GrantedAuthority> mapper)
      Sets the RowMapper to convert each authority result row into a GrantedAuthority object. The default mapper expects columns with names like 'authority' or 'role', and maps them directly to SimpleGrantedAuthority objects.
      Parameters:
      mapper - the RowMapper to use for mapping rows in the database to GrantedAuthority objects, must not be null
      Since:
      6.5

    • initDao

      protected void initDao() throws org.springframework.context.ApplicationContextException
      Overrides:
      initDao in class JdbcDaoImpl
      Throws:
      org.springframework.context.ApplicationContextException

    • loadUsersByUsername

      protected List<UserDetails> loadUsersByUsername(String username)
      Executes the SQL usersByUsernameQuery and returns a list of UserDetails objects. There should normally only be one matching user.
      Overrides:
      loadUsersByUsername in class JdbcDaoImpl

    • createUser

      public void createUser(UserDetails user)
      Description copied from interface: UserDetailsManager
      Create a new user with the supplied details.
      Specified by:
      createUser in interface UserDetailsManager

    • updateUser

      public void updateUser(UserDetails user)
      Description copied from interface: UserDetailsManager
      Update the specified user.
      Specified by:
      updateUser in interface UserDetailsManager

    • deleteUser

      public void deleteUser(String username)
      Description copied from interface: UserDetailsManager
      Remove the user with the given login name from the system.
      Specified by:
      deleteUser in interface UserDetailsManager

    • changePassword

      public void changePassword(String oldPassword, String newPassword) throws AuthenticationException
      Description copied from interface: UserDetailsManager
      Modify the current user's password. This should change the user's password in the persistent user repository (database, LDAP etc).
      Specified by:
      changePassword in interface UserDetailsManager
      Parameters:
      oldPassword - current password (for re-authentication if required)
      newPassword - the password to change to
      Throws:
      AuthenticationException

    • createNewAuthentication

      protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword)

    • userExists

      public boolean userExists(String username)
      Description copied from interface: UserDetailsManager
      Check if a user with the supplied login name exists in the system.
      Specified by:
      userExists in interface UserDetailsManager

    • findAllGroups

      public List<String> findAllGroups()
      Description copied from interface: GroupManager
      Returns the names of all groups that this group manager controls.
      Specified by:
      findAllGroups in interface GroupManager

    • findUsersInGroup

      public List<String> findUsersInGroup(String groupName)
      Description copied from interface: GroupManager
      Locates the users who are members of a group
      Specified by:
      findUsersInGroup in interface GroupManager
      Parameters:
      groupName - the group whose members are required
      Returns:
      the usernames of the group members

    • createGroup

      public void createGroup(String groupName, List<GrantedAuthority> authorities)
      Description copied from interface: GroupManager
      Creates a new group with the specified list of authorities.
      Specified by:
      createGroup in interface GroupManager
      Parameters:
      groupName - the name for the new group
      authorities - the authorities which are to be allocated to this group.

    • deleteGroup

      public void deleteGroup(String groupName)
      Description copied from interface: GroupManager
      Removes a group, including all members and authorities.
      Specified by:
      deleteGroup in interface GroupManager
      Parameters:
      groupName - the group to remove.

    • renameGroup

      public void renameGroup(String oldName, String newName)
      Description copied from interface: GroupManager
      Changes the name of a group without altering the assigned authorities or members.
      Specified by:
      renameGroup in interface GroupManager

    • addUserToGroup

      public void addUserToGroup(String username, String groupName)
      Description copied from interface: GroupManager
      Makes a user a member of a particular group.
      Specified by:
      addUserToGroup in interface GroupManager
      Parameters:
      username - the user to be given membership.
      groupName - the name of the group to which the user will be added.

    • removeUserFromGroup

      public void removeUserFromGroup(String username, String groupName)
      Description copied from interface: GroupManager
      Deletes a user's membership of a group.
      Specified by:
      removeUserFromGroup in interface GroupManager
      Parameters:
      username - the user
      groupName - the group to remove them from

    • findGroupAuthorities

      public List<GrantedAuthority> findGroupAuthorities(String groupName)
      Description copied from interface: GroupManager
      Obtains the list of authorities which are assigned to a group.
      Specified by:
      findGroupAuthorities in interface GroupManager

    • removeGroupAuthority

      public void removeGroupAuthority(String groupName, GrantedAuthority authority)
      Description copied from interface: GroupManager
      Deletes an authority from those assigned to a group
      Specified by:
      removeGroupAuthority in interface GroupManager

    • addGroupAuthority

      public void addGroupAuthority(String groupName, GrantedAuthority authority)
      Description copied from interface: GroupManager
      Assigns a new authority to a group.
      Specified by:
      addGroupAuthority in interface GroupManager

    • setSecurityContextHolderStrategy

      public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
      Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
      Since:
      5.8

    • setAuthenticationManager

      public void setAuthenticationManager(AuthenticationManager authenticationManager)

    • setCreateUserSql

      public void setCreateUserSql(String createUserSql)

    • setDeleteUserSql

      public void setDeleteUserSql(String deleteUserSql)

    • setUpdateUserSql

      public void setUpdateUserSql(String updateUserSql)

    • setCreateAuthoritySql

      public void setCreateAuthoritySql(String createAuthoritySql)

    • setDeleteUserAuthoritiesSql

      public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql)

    • setUserExistsSql

      public void setUserExistsSql(String userExistsSql)

    • setChangePasswordSql

      public void setChangePasswordSql(String changePasswordSql)

    • setFindAllGroupsSql

      public void setFindAllGroupsSql(String findAllGroupsSql)

    • setFindUsersInGroupSql

      public void setFindUsersInGroupSql(String findUsersInGroupSql)

    • setInsertGroupSql

      public void setInsertGroupSql(String insertGroupSql)

    • setFindGroupIdSql

      public void setFindGroupIdSql(String findGroupIdSql)

    • setInsertGroupAuthoritySql

      public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql)

    • setDeleteGroupSql

      public void setDeleteGroupSql(String deleteGroupSql)

    • setDeleteGroupAuthoritiesSql

      public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql)

    • setDeleteGroupMembersSql

      public void setDeleteGroupMembersSql(String deleteGroupMembersSql)

    • setRenameGroupSql

      public void setRenameGroupSql(String renameGroupSql)

    • setInsertGroupMemberSql

      public void setInsertGroupMemberSql(String insertGroupMemberSql)

    • setDeleteGroupMemberSql

      public void setDeleteGroupMemberSql(String deleteGroupMemberSql)

    • setGroupAuthoritiesSql

      public void setGroupAuthoritiesSql(String groupAuthoritiesSql)

    • setDeleteGroupAuthoritySql

      public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql)

    • setUserCache

      public void setUserCache(UserCache userCache)
      Optionally sets the UserCache if one is in use in the application. This allows the user to be removed from the cache after updates have taken place to avoid stale data.
      Parameters:
      userCache - the cache used by the AuthenticationManager.