From 04b091c38540e19c8f72d344597bb4aca752eb1e Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@vmware.com>
Date: Thu, 17 Oct 2013 16:18:43 -0500
Subject: [PATCH] SEC-2369:
 PreAuthenticatedGrantedAuthoritiesUserDetailsService fix case to
 createUserDetails method

---
 ...catedGrantedAuthoritiesUserDetailsService.java | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java
index 5651f099e7..6bc5435e56 100755
--- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsService.java
@@ -42,7 +42,7 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService
         Assert.notNull(token.getDetails());
         Assert.isInstanceOf(GrantedAuthoritiesContainer.class, token.getDetails());
         Collection<? extends GrantedAuthority> authorities = ((GrantedAuthoritiesContainer) token.getDetails()).getGrantedAuthorities();
-        return createuserDetails(token, authorities);
+        return createUserDetails(token, authorities);
     }
 
     /**
@@ -51,6 +51,19 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsService
      * @param token the authentication request token
      * @param authorities the pre-authenticated authorities.
      */
+    protected UserDetails createUserDetails(Authentication token, Collection<? extends GrantedAuthority> authorities) {
+        return createuserDetails(token, authorities);
+    }
+
+    /**
+     * Creates the final <tt>UserDetails</tt> object. Can be overridden to customize the contents.
+     *
+     * @deprecated Use {@link #createUserDetails(Authentication, Collection)}
+     *
+     * @param token the authentication request token
+     * @param authorities the pre-authenticated authorities.
+     */
+    @Deprecated
     protected UserDetails createuserDetails(Authentication token, Collection<? extends GrantedAuthority> authorities) {
         return new User(token.getName(), "N/A", true, true, true, true, authorities);
     }