org.acegisecurity.userdetails.jdbc
Class JdbcDaoImpl

java.lang.Object
  org.springframework.dao.support.DaoSupport
      org.springframework.jdbc.core.support.JdbcDaoSupport
          org.acegisecurity.userdetails.jdbc.JdbcDaoImpl

All Implemented Interfaces:

UserDetailsService, InitializingBean

public class JdbcDaoImpl
extends JdbcDaoSupport
implements UserDetailsService

Retrieves user details (username, password, enabled flag, and authorities) from a JDBC location.

A default database structure is assumed, (see DEF_USERS_BY_USERNAME_QUERY and DEF_AUTHORITIES_BY_USERNAME_QUERY, which most users of this class will need to override, if using an existing scheme. This may be done by setting the default query strings used. If this does not provide enough flexibility, another strategy would be to subclass this class and override the MappingSqlQuery instances used, via the initMappingSqlQueries() extension point.

In order to minimise backward compatibility issues, this DAO does not recognise the expiration of user accounts or the expiration of user credentials. However, it does recognise and honour the user enabled/disabled column.

Version:

$Id: JdbcDaoImpl.java,v 1.17 2005/12/04 10:48:33 benalex Exp $

Author:

Ben Alex, colin sampaleanu

Nested Class Summary

protected class	JdbcDaoImpl.AuthoritiesByUsernameMapping Query object to look up a user's authorities.
protected class	JdbcDaoImpl.UsersByUsernameMapping Query object to look up a user.

Field Summary

protected MappingSqlQuery	authoritiesByUsernameMapping
static String	DEF_AUTHORITIES_BY_USERNAME_QUERY
static String	DEF_USERS_BY_USERNAME_QUERY
protected MappingSqlQuery	usersByUsernameMapping

Constructor Summary

JdbcDaoImpl()

Method Summary

protected void	addCustomAuthorities(String username, List authorities) Allows subclasses to add their own granted authorities to the list to be returned in the User.
String	getAuthoritiesByUsernameQuery()
String	getRolePrefix()
String	getUsersByUsernameQuery()
protected void	initDao()
protected void	initMappingSqlQueries() Extension point to allow other MappingSqlQuery objects to be substituted in a subclass
boolean	isUsernameBasedPrimaryKey()
UserDetails	loadUserByUsername(String username) Locates the user based on the username.
void	setAuthoritiesByUsernameQuery(String queryString) Allows the default query string used to retrieve authorities based on username to be overriden, if default table or column names need to be changed.
void	setRolePrefix(String rolePrefix) Allows a default role prefix to be specified.
void	setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey) If true (the default), indicates the #getUsersByUsernameMapping() returns a username in response to a query.
void	setUsersByUsernameQuery(String usersByUsernameQueryString) Allows the default query string used to retrieve users based on username to be overriden, if default table or column names need to be changed.

Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupport

checkDaoConfig, closeConnectionIfNecessary, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, releaseConnection, setDataSource, setJdbcTemplate

Methods inherited from class org.springframework.dao.support.DaoSupport

afterPropertiesSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEF_USERS_BY_USERNAME_QUERY

public static final String DEF_USERS_BY_USERNAME_QUERY

See Also:

Constant Field Values

DEF_AUTHORITIES_BY_USERNAME_QUERY

public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY

See Also:

Constant Field Values

authoritiesByUsernameMapping

protected MappingSqlQuery authoritiesByUsernameMapping

usersByUsernameMapping

protected MappingSqlQuery usersByUsernameMapping

Constructor Detail

JdbcDaoImpl

public JdbcDaoImpl()

Method Detail

setAuthoritiesByUsernameQuery

public void setAuthoritiesByUsernameQuery(String queryString)

Allows the default query string used to retrieve authorities based on username to be overriden, if default table or column names need to be changed. The default query is DEF_AUTHORITIES_BY_USERNAME_QUERY; when modifying this query, ensure that all returned columns are mapped back to the same column names as in the default query.

Parameters:

queryString - The query string to set

getAuthoritiesByUsernameQuery

public String getAuthoritiesByUsernameQuery()

setRolePrefix

public void setRolePrefix(String rolePrefix)

Allows a default role prefix to be specified. If this is set to a non-empty value, then it is automatically prepended to any roles read in from the db. This may for example be used to add the ROLE_ prefix expected to exist in role names (by default) by some other Acegi Security framework classes, in the case that the prefix is not already present in the db.

Parameters:

rolePrefix - the new prefix

getRolePrefix

public String getRolePrefix()

setUsernameBasedPrimaryKey

public void setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey)

If true (the default), indicates the #getUsersByUsernameMapping() returns a username in response to a query. If false, indicates that a primary key is used instead. If set to true, the class will use the database-derived username in the returned UserDetails. If false, the class will use the loadUserByUsername(String) derived username in the returned UserDetails.

Parameters:

usernameBasedPrimaryKey - true if the mapping queries return the username String, or false if the mapping returns a database primary key.

isUsernameBasedPrimaryKey

public boolean isUsernameBasedPrimaryKey()

setUsersByUsernameQuery

public void setUsersByUsernameQuery(String usersByUsernameQueryString)

Allows the default query string used to retrieve users based on username to be overriden, if default table or column names need to be changed. The default query is DEF_USERS_BY_USERNAME_QUERY; when modifying this query, ensure that all returned columns are mapped back to the same column names as in the default query. If the 'enabled' column does not exist in the source db, a permanent true value for this column may be returned by using a query similar to

 "SELECT username,password,'true' as enabled FROM users WHERE username = ?"
 

Parameters:

usersByUsernameQueryString - The query string to set

getUsersByUsernameQuery

public String getUsersByUsernameQuery()

loadUserByUsername

public UserDetails loadUserByUsername(String username)
                               throws UsernameNotFoundException,
                                      DataAccessException

Description copied from interface: UserDetailsService

Locates the user based on the username. In the actual implementation, the search may possibly be case insensitive, or case insensitive depending on how the implementaion instance is configured. In this case, the UserDetails object that comes back may have a username that is of a different case than what was actually requested..

Specified by:

loadUserByUsername in interface UserDetailsService

Parameters:

username - the username presented to the DaoAuthenticationProvider

Returns:

a fully populated user record (never null)

Throws:

UsernameNotFoundException - if the user could not be found or the user has no GrantedAuthority

DataAccessException - if user could not be found for a repository-specific reason

addCustomAuthorities

protected void addCustomAuthorities(String username,
                                    List authorities)

Allows subclasses to add their own granted authorities to the list to be returned in the User.

Parameters:

username - the username, for use by finder methods

authorities - the current granted authorities, as populated from the authoritiesByUsername mapping

initDao

protected void initDao()
                throws ApplicationContextException

Overrides:

initDao in class DaoSupport

Throws:

ApplicationContextException

initMappingSqlQueries

protected void initMappingSqlQueries()

Extension point to allow other MappingSqlQuery objects to be substituted in a subclass