ReflectionSaltSource xref

View Javadoc

1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.dao.salt;
17  
18  import org.acegisecurity.AuthenticationServiceException;
19  import org.acegisecurity.providers.dao.SaltSource;
20  import org.acegisecurity.userdetails.UserDetails;
21  
22  import org.springframework.beans.factory.InitializingBean;
23  
24  import java.lang.reflect.Method;
25  
26  
27  /***
28   * Obtains a salt from a specified property of the {@link User} object.
29   * 
30   * <P>
31   * This allows you to subclass <code>User</code> and provide an additional bean
32   * getter for a salt. You should use a synthetic value that does not change,
33   * such as a database primary key.  Do not use <code>username</code> if it is
34   * likely to change.
35   * </p>
36   *
37   * @author Ben Alex
38   * @version $Id: ReflectionSaltSource.java,v 1.7 2005/11/29 13:10:12 benalex Exp $
39   */
40  public class ReflectionSaltSource implements SaltSource, InitializingBean {
41      //~ Instance fields ========================================================
42  
43      private String userPropertyToUse;
44  
45      //~ Methods ================================================================
46  
47      /***
48       * Performs reflection on the passed <code>User</code> to obtain the salt.
49       * 
50       * <P>
51       * The property identified by <code>userPropertyToUse</code> must be
52       * available from the passed <code>User</code> object. If it is not
53       * available, an {@link AuthenticationServiceException} will be thrown.
54       * </p>
55       *
56       * @param user which contains the method identified by
57       *        <code>userPropertyToUse</code>
58       *
59       * @return the result of invoking <code>user.userPropertyToUse()</code>
60       *
61       * @throws AuthenticationServiceException if reflection fails
62       */
63      public Object getSalt(UserDetails user) {
64          try {
65              Method reflectionMethod = user.getClass().getMethod(this.userPropertyToUse,
66                      new Class[] {});
67  
68              return reflectionMethod.invoke(user, new Object[] {});
69          } catch (Exception exception) {
70              throw new AuthenticationServiceException(exception.getMessage());
71          }
72      }
73  
74      /***
75       * The method name to call to obtain the salt. If your
76       * <code>UserDetails</code> contains a <code>UserDetails.getSalt()</code>
77       * method, you should set this property to <code>getSalt</code>.
78       *
79       * @param userPropertyToUse the name of the <b>getter</b> to call to obtain
80       *        the salt from the <code>UserDetails</code>
81       */
82      public void setUserPropertyToUse(String userPropertyToUse) {
83          this.userPropertyToUse = userPropertyToUse;
84      }
85  
86      public String getUserPropertyToUse() {
87          return userPropertyToUse;
88      }
89  
90      public void afterPropertiesSet() throws Exception {
91          if ((this.getUserPropertyToUse() == null)
92              || "".equals(this.getUserPropertyToUse())) {
93              throw new IllegalArgumentException(
94                  "A userPropertyToUse must be set");
95          }
96      }
97  }