org.acegisecurity.providers.x509.populator
Class DaoX509AuthoritiesPopulator

java.lang.Object
  extended by org.acegisecurity.providers.x509.populator.DaoX509AuthoritiesPopulator
All Implemented Interfaces:
X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

public class DaoX509AuthoritiesPopulator
extends Object
implements X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

Populates the X509 authorities via a UserDetailsService.

Version:
$Id: DaoX509AuthoritiesPopulator.java 1994 2007-08-30 20:55:49Z luke_t $
Author:
Luke Taylor

Field Summary
protected  org.springframework.context.support.MessageSourceAccessor messages
           
 
Constructor Summary
DaoX509AuthoritiesPopulator()
           
 
Method Summary
 void afterPropertiesSet()
           
 UserDetails getUserDetails(X509Certificate clientCert)
          Obtains the granted authorities for the specified user.
 void setMessageSource(org.springframework.context.MessageSource messageSource)
           
 void setSubjectDNRegex(String subjectDNRegex)
          Sets the regular expression which will be used to extract the user name from the certificate's Subject DN.
 void setUserDetailsService(UserDetailsService userDetailsService)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

messages

protected org.springframework.context.support.MessageSourceAccessor messages
Constructor Detail

DaoX509AuthoritiesPopulator

public DaoX509AuthoritiesPopulator()
Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
Exception

getUserDetails

public UserDetails getUserDetails(X509Certificate clientCert)
                           throws AuthenticationException
Description copied from interface: X509AuthoritiesPopulator
Obtains the granted authorities for the specified user.

May throw any AuthenticationException or return null if the authorities are unavailable.

Specified by:
getUserDetails in interface X509AuthoritiesPopulator
Parameters:
clientCert - the X.509 certificate supplied
Returns:
the details of the indicated user (at minimum the granted authorities and the username)
Throws:
AuthenticationException - if the user details are not available or the certificate isn't valid for the application's purpose.

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)
Specified by:
setMessageSource in interface org.springframework.context.MessageSourceAware

setSubjectDNRegex

public void setSubjectDNRegex(String subjectDNRegex)
Sets the regular expression which will be used to extract the user name from the certificate's Subject DN.

It should contain a single group; for example, the default expression "CN=(.*?)," matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".

The matches are case insensitive. So "emailAddress=(.*?)," will match "EMAILADDRESS=jimi@hendrix.org, CN=..." giving a user name "jimi@hendrix.org".

Parameters:
subjectDNRegex - the regular expression to find in the subject
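
The extraction described for setSubjectDNRegex, shown as an added example that is not Acegi's own code: it applies a single-group, case-insensitive expression to subject DN strings, including a DN where the CN is the last field and the default expression finds nothing. The class SubjectDnRegexDemo, the methods extractUserName and expect, the sample DNs and the choice to return null on no match are all assumptions made for this illustration.

```java
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added illustration; class and method names are hypothetical, not Acegi code. */
public class SubjectDnRegexDemo {

    /** Returns the single captured group, or null when the expression does not match. */
    static String extractUserName(String subjectDNRegex, String subjectDN) {
        Pattern pattern = Pattern.compile(subjectDNRegex, Pattern.CASE_INSENSITIVE);
        Matcher matcher = pattern.matcher(subjectDN);
        // The documentation asks for exactly one group; reject anything else up front.
        if (matcher.groupCount() != 1) {
            throw new IllegalArgumentException(
                    "Expression must contain a single group: " + subjectDNRegex);
        }
        // find() is unanchored, so the expression may match anywhere in the DN string.
        // Check it against every DN layout the issuing CA actually produces.
        return matcher.find() ? matcher.group(1) : null;
    }

    /** Fails loudly if the extracted name is not the one expected. */
    static void expect(String expected, String actual) {
        if (!Objects.equals(expected, actual)) {
            throw new AssertionError("expected " + expected + " but got " + actual);
        }
        System.out.println("ok: " + actual);
    }

    public static void main(String[] args) {
        // Constructed subject DNs (sample data, not taken from real certificates).
        String cnFirst = "CN=Jimi Hendrix, OU=Guitar, O=Experience";
        String emailFirst = "EMAILADDRESS=jimi@hendrix.org, CN=Jimi Hendrix, O=Experience";
        String cnLast = "O=Experience, OU=Guitar, CN=Jimi Hendrix";
        String defaultRegex = "CN=(.*?),";

        expect("Jimi Hendrix", extractUserName(defaultRegex, cnFirst));
        // Case-insensitive matching: a lower-case attribute name matches EMAILADDRESS.
        expect("jimi@hendrix.org", extractUserName("emailAddress=(.*?),", emailFirst));
        // CN is the last field here, so no comma follows it and the default finds nothing.
        expect(null, extractUserName(defaultRegex, cnLast));
        // Accepting a comma or end-of-string still uses one capturing group.
        expect("Jimi Hendrix", extractUserName("CN=(.*?)(?:,|$)", cnLast));
    }
}
```
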

setUserDetailsService

public void setUserDetailsService(UserDetailsService userDetailsService)


Copyright © 2004-2012 Interface21, Inc. All Rights Reserved.