Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 03:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-678: Merged changes from trunk.

Browse Source
This commit is contained in:
Luke Taylor 2008-02-18 20:44:09 +00:00
parent 1b07b5e616
commit f626d5ec47
10 changed files with 78 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
core/src/main/java/org/acegisecurity/AbstractAuthenticationManager.java
View File

@ -23,6 +23,10 @@ package org.acegisecurity;
* @version $Id$
*/
public abstract class AbstractAuthenticationManager implements AuthenticationManager {
//~ Instance fields ================================================================================================
private boolean clearExtraInformation = true;
//~ Methods ========================================================================================================
/**
@ -43,6 +47,11 @@ public abstract class AbstractAuthenticationManager implements AuthenticationMan
return doAuthentication(authRequest);
} catch (AuthenticationException e) {
e.setAuthentication(authRequest);
if (clearExtraInformation) {
e.clearExtraInformation();
}
throw e;
}
}
@ -60,4 +69,15 @@ public abstract class AbstractAuthenticationManager implements AuthenticationMan
*/
protected abstract Authentication doAuthentication(Authentication authentication)
throws AuthenticationException;
/**
* If set to true, the <tt>extraInformation</tt> set on an <tt>AuthenticationException</tt> will be cleared
* before rethrowing it. This is useful for use with remoting protocols where the information shouldn't
* be serialized to the client. Defaults to 'false'.
*
* @see AuthenticationException#getExtraInformation()
*/
public void setClearExtraInformation(boolean clearExtraInformation) {
this.clearExtraInformation = clearExtraInformation;
}
}

8
core/src/main/java/org/acegisecurity/AccountExpiredException.java
View File

@ -25,7 +25,7 @@ package org.acegisecurity;
public class AccountExpiredException extends AuthenticationException {
//~ Constructors ===================================================================================================
/**
/**
* Constructs a <code>AccountExpiredException</code> with the specified
* message.
*
@ -35,7 +35,7 @@ public class AccountExpiredException extends AuthenticationException {
super(msg);
}
/**
/**
* Constructs a <code>AccountExpiredException</code> with the specified
* message and root cause.
*
@ -45,4 +45,8 @@ public class AccountExpiredException extends AuthenticationException {
public AccountExpiredException(String msg, Throwable t) {
super(msg, t);
}
public AccountExpiredException(String msg, Object extraInformation) {
super(msg, extraInformation);
}
}

27
core/src/main/java/org/acegisecurity/AuthenticationException.java
View File

@ -25,12 +25,12 @@ package org.acegisecurity;
public abstract class AuthenticationException extends AcegiSecurityException {
//~ Instance fields ================================================================================================
/** The authentication that related to this exception (may be <code>null</code>) */
private Authentication authentication;
private Object extraInformation;
//~ Constructors ===================================================================================================
/**
/**
* Constructs an <code>AuthenticationException</code> with the specified
* message and root cause.
*
@ -41,7 +41,7 @@ public abstract class AuthenticationException extends AcegiSecurityException {
super(msg, t);
}
/**
/**
* Constructs an <code>AuthenticationException</code> with the specified
* message and no root cause.
*
@ -51,8 +51,16 @@ public abstract class AuthenticationException extends AcegiSecurityException {
super(msg);
}
public AuthenticationException(String msg, Object extraInformation) {
super(msg);
this.extraInformation = extraInformation;
}
//~ Methods ========================================================================================================
/**
* The authentication request which this exception corresponds to (may be <code>null</code>)
*/
public Authentication getAuthentication() {
return authentication;
}
@ -60,4 +68,17 @@ public abstract class AuthenticationException extends AcegiSecurityException {
void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
/**
* Any additional information about the exception. Generally a <code>UserDetails</code> object.
*
* @return extra information or <code>null</code>
*/
public Object getExtraInformation() {
return extraInformation;
}
void clearExtraInformation() {
this.extraInformation = null;
}
}

15
core/src/main/java/org/acegisecurity/BadCredentialsException.java
View File

@ -23,10 +23,6 @@ package org.acegisecurity;
* @version $Id$
*/
public class BadCredentialsException extends AuthenticationException {
//~ Instance fields ================================================================================================
private Object extraInformation;
//~ Constructors ===================================================================================================
/**
@ -40,8 +36,7 @@ public class BadCredentialsException extends AuthenticationException {
}
public BadCredentialsException(String msg, Object extraInformation) {
super(msg);
this.extraInformation = extraInformation;
super(msg, extraInformation);
}
/**
@ -57,12 +52,4 @@ public class BadCredentialsException extends AuthenticationException {
//~ Methods ========================================================================================================
/**
* Any additional information about the exception. Generally a <code>UserDetails</code> object.
*
* @return extra information or <code>null</code>
*/
public Object getExtraInformation() {
return extraInformation;
}
}

4
core/src/main/java/org/acegisecurity/CredentialsExpiredException.java
View File

@ -45,4 +45,8 @@ public class CredentialsExpiredException extends AuthenticationException {
public CredentialsExpiredException(String msg, Throwable t) {
super(msg, t);
}
public CredentialsExpiredException(String msg, Object extraInformation) {
super(msg, extraInformation);
}
}

4
core/src/main/java/org/acegisecurity/DisabledException.java
View File

@ -44,4 +44,8 @@ public class DisabledException extends AuthenticationException {
public DisabledException(String msg, Throwable t) {
super(msg, t);
}
public DisabledException(String msg, Object extraInformation) {
super(msg, extraInformation);
}
}

4
core/src/main/java/org/acegisecurity/LockedException.java
View File

@ -44,4 +44,8 @@ public class LockedException extends AuthenticationException {
public LockedException(String msg, Throwable t) {
super(msg, t);
}
public LockedException(String msg, Object extraInformation) {
super(msg, extraInformation);
}
}

17
core/src/main/java/org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider.java
View File

@ -266,6 +266,12 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe
return preAuthenticationChecks;
}
/**
* Sets the policy will be used to verify the status of the loaded <tt>UserDetails</tt> <em>before</em>
* validation of the credentials takes place.
*
* @param preAuthenticationChecks strategy to be invoked prior to authentication.
*/
public void setPreAuthenticationChecks(UserDetailsChecker preAuthenticationChecks) {
this.preAuthenticationChecks = preAuthenticationChecks;
}
@ -286,19 +292,18 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe
public void check(UserDetails user) {
if (!user.isAccountNonLocked()) {
throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
"User account is locked"));
"User account is locked"), user);
}
if (!user.isEnabled()) {
throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled",
"User is disabled"));
"User is disabled"), user);
}
if (!user.isAccountNonExpired()) {
throw new AccountExpiredException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired",
"User account has expired"));
"User account has expired"), user);
}
}
}
@ -306,9 +311,9 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe
public void check(UserDetails user) {
if (!user.isCredentialsNonExpired()) {
throw new CredentialsExpiredException(messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.credentialsExpired", "User credentials have expired"));
"AbstractUserDetailsAuthenticationProvider.credentialsExpired",
"User credentials have expired"), user);
}
}
}
}

29
core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
View File

@ -15,8 +15,6 @@
package org.acegisecurity.providers.dao;
import java.util.Map;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationServiceException;
import org.acegisecurity.BadCredentialsException;
@ -26,7 +24,6 @@ import org.acegisecurity.providers.encoding.PasswordEncoder;
import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.springframework.context.ApplicationContext;
import org.springframework.dao.DataAccessException;
import org.springframework.util.Assert;
@ -82,31 +79,6 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
}
/**
* Introspects the <code>Applicationcontext</code> for the single instance
* of {@link AccessDeniedHandler}. If found invoke
* setAccessDeniedHandler(AccessDeniedHandler accessDeniedHandler) method by
* providing the found instance of accessDeniedHandler as a method
* parameter. If more than one instance of <code>AccessDeniedHandler</code>
* is found, the method throws <code>IllegalStateException</code>.
*
* @param applicationContext to locate the instance
*/
private void autoDetectAnyUserDetailsServiceAndUseIt(ApplicationContext applicationContext) {
if (applicationContext != null) {
Map map = applicationContext.getBeansOfType(UserDetailsService.class);
if (map.size() > 1) {
throw new IllegalArgumentException(
"More than one UserDetailsService beans detected please refer to the one using "
+ " [ principalRepositoryBeanRef ] " + "attribute");
}
else if (map.size() == 1) {
setUserDetailsService((UserDetailsService) map.values().iterator().next());
}
}
}
public PasswordEncoder getPasswordEncoder() {
return passwordEncoder;
}
@ -172,5 +144,4 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
public void setIncludeDetailsObject(boolean includeDetailsObject) {
this.includeDetailsObject = includeDetailsObject;
}
}

8
core/src/main/java/org/acegisecurity/userdetails/checker/AccountStatusUserDetailsChecker.java
View File

@ -22,21 +22,21 @@ public class AccountStatusUserDetailsChecker implements UserDetailsChecker {
public void check(UserDetails user) {
if (!user.isAccountNonLocked()) {
throw new LockedException(messages.getMessage("UserDetailsService.locked", "User account is locked"));
throw new LockedException(messages.getMessage("UserDetailsService.locked", "User account is locked"), user);
}
if (!user.isEnabled()) {
throw new DisabledException(messages.getMessage("UserDetailsService.disabled", "User is disabled"));
throw new DisabledException(messages.getMessage("UserDetailsService.disabled", "User is disabled"), user);
}
if (!user.isAccountNonExpired()) {
throw new AccountExpiredException(messages.getMessage("UserDetailsService.expired",
"User account has expired"));
"User account has expired"), user);
}
if (!user.isCredentialsNonExpired()) {
throw new CredentialsExpiredException(messages.getMessage("UserDetailsService.credentialsExpired",
"User credentials have expired"));
"User credentials have expired"), user);
}
}
}