1 package org.springframework.security.config;
2
3 import org.springframework.beans.factory.config.BeanDefinition;
4 import org.springframework.beans.factory.config.PropertiesFactoryBean;
5 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
6 import org.springframework.beans.factory.support.RootBeanDefinition;
7 import org.springframework.beans.factory.xml.ParserContext;
8 import org.springframework.beans.factory.BeanDefinitionStoreException;
9 import org.springframework.security.userdetails.memory.UserMap;
10 import org.springframework.security.userdetails.User;
11 import org.springframework.security.util.AuthorityUtils;
12 import org.springframework.util.StringUtils;
13 import org.springframework.util.CollectionUtils;
14 import org.springframework.util.xml.DomUtils;
15 import org.w3c.dom.Element;
16
17 import java.util.List;
18 import java.util.Iterator;
19
20
21
22
23
24
25 public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
26
27 static final String ATT_PASSWORD = "password";
28 static final String ATT_NAME = "name";
29 static final String ELT_USER = "user";
30 static final String ATT_AUTHORITIES = "authorities";
31 static final String ATT_PROPERTIES = "properties";
32 static final String ATT_DISABLED = "disabled";
33 static final String ATT_LOCKED = "locked";
34
35 protected String getBeanClassName(Element element) {
36 return "org.springframework.security.userdetails.memory.InMemoryDaoImpl";
37 }
38
39 protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
40 String userProperties = element.getAttribute(ATT_PROPERTIES);
41 List userElts = DomUtils.getChildElementsByTagName(element, ELT_USER);
42
43 if (StringUtils.hasText(userProperties)) {
44
45 if(!CollectionUtils.isEmpty(userElts)) {
46 throw new BeanDefinitionStoreException("Use of a properties file and user elements are mutually exclusive");
47 }
48
49 BeanDefinition bd = new RootBeanDefinition(PropertiesFactoryBean.class);
50 bd.getPropertyValues().addPropertyValue("location", userProperties);
51 builder.addPropertyValue("userProperties", bd);
52
53 return;
54 }
55
56 if(CollectionUtils.isEmpty(userElts)) {
57 throw new BeanDefinitionStoreException("You must supply user definitions, either with <" + ELT_USER + "> child elements or a " +
58 "properties file (using the '" + ATT_PROPERTIES + "' attribute)" );
59 }
60
61 UserMap users = new UserMap();
62
63 for (Iterator i = userElts.iterator(); i.hasNext();) {
64 Element userElt = (Element) i.next();
65 String userName = userElt.getAttribute(ATT_NAME);
66 String password = userElt.getAttribute(ATT_PASSWORD);
67 boolean locked = "true".equals(userElt.getAttribute(ATT_LOCKED));
68 boolean disabled = "true".equals(userElt.getAttribute(ATT_DISABLED));
69
70 users.addUser(new User(userName, password, !disabled, true, true, !locked,
71 AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute(ATT_AUTHORITIES))));
72 }
73
74 builder.addPropertyValue("userMap", users);
75 }
76 }