SEC-2369: PreAuthenticatedGrantedAuthoritiesUserDetailsService fix case to createUserDetails method

2013-10-17 16:18:43 -05:00 · 2013-10-17 16:18:43 -05:00 · 04b091c385
parent 15a63c58a7
commit 04b091c385
1 changed files with 14 additions and 1 deletions
--- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java
@ -42,7 +42,7 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService
        Assert.notNull(token.getDetails());
        Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails());
        Collection<? extends GrantedAuthority> authorities = ((GrantedAuthoritiesContainer) token.getDetails()).getGrantedAuthorities();
-        return createuserDetails(token, authorities);
+        return createUserDetails(token, authorities);
    }

    /**
@ -51,6 +51,19 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService
     * @param token the authentication request token
     * @param authorities the pre-authenticated authorities.
     */
+    protected UserDetails createUserDetails(Authentication token, Collection<? extends GrantedAuthority> authorities) {
+        return createuserDetails(token, authorities);
+    }
+
+    /**
+     * Creates the final <tt>UserDetails</tt> object. Can be overridden to customize the contents.
+     *
+     * @deprecated Use {@link #createUserDetails(Authentication, Collection)}
+     *
+     * @param token the authentication request token
+     * @param authorities the pre-authenticated authorities.
+     */
+    @Deprecated
    protected UserDetails createuserDetails(Authentication token, Collection<? extends GrantedAuthority> authorities) {
        return new User(token.getName(), "N/A", true, true, true, true, authorities);
    }