public class DaoX509AuthoritiesPopulator extends Object implements X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
UserDetailsService
.
Migrated from Spring Security 2 since it has been removed in Spring Security 3.
Modifier and Type | Field and Description |
---|---|
protected org.springframework.context.support.MessageSourceAccessor |
messages |
Constructor and Description |
---|
DaoX509AuthoritiesPopulator() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
org.springframework.security.core.userdetails.UserDetails |
getUserDetails(X509Certificate clientCert)
Obtains the granted authorities for the specified user.
|
void |
setMessageSource(org.springframework.context.MessageSource messageSource) |
void |
setSubjectDNRegex(String subjectDNRegex)
Sets the regular expression which will by used to extract the user name from the certificate's Subject
DN.
|
void |
setUserDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService) |
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
public org.springframework.security.core.userdetails.UserDetails getUserDetails(X509Certificate clientCert) throws org.springframework.security.core.AuthenticationException
X509AuthoritiesPopulator
May throw any
AuthenticationException
or return null
if the authorities are unavailable.
getUserDetails
in interface X509AuthoritiesPopulator
clientCert
- the X.509 certificate suppliedorg.springframework.security.core.AuthenticationException
- if the user details are not available or the certificate isn't valid for the
application's purpose.public void setMessageSource(org.springframework.context.MessageSource messageSource)
setMessageSource
in interface org.springframework.context.MessageSourceAware
public void setSubjectDNRegex(String subjectDNRegex)
It should contain a single group; for example the default expression "CN=(.?)," matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
The matches are case insensitive. So "emailAddress=(.?)," will match "[email protected], CN=..." giving a user name "[email protected]"
subjectDNRegex
- the regular expression to find in the subjectpublic void setUserDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
Copyright © 2019 Pivotal Software. All rights reserved.