org.acegisecurity.providers.x509.populator
Class DaoX509AuthoritiesPopulator
java.lang.Object
org.acegisecurity.providers.x509.populator.DaoX509AuthoritiesPopulator
- All Implemented Interfaces:
- X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
public class DaoX509AuthoritiesPopulator
- extends Object
- implements X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware
Populates the X509 authorities via an UserDetailsService
.
- Version:
- $Id: DaoX509AuthoritiesPopulator.java 1994 2007-08-30 20:55:49Z luke_t $
- Author:
- Luke Taylor
Field Summary |
protected org.springframework.context.support.MessageSourceAccessor |
messages
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
messages
protected org.springframework.context.support.MessageSourceAccessor messages
DaoX509AuthoritiesPopulator
public DaoX509AuthoritiesPopulator()
afterPropertiesSet
public void afterPropertiesSet()
throws Exception
- Specified by:
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
- Throws:
Exception
getUserDetails
public UserDetails getUserDetails(X509Certificate clientCert)
throws AuthenticationException
- Description copied from interface:
X509AuthoritiesPopulator
- Obtains the granted authorities for the specified user.
May throw any
AuthenticationException
or return null
if the authorities are unavailable.
- Specified by:
getUserDetails
in interface X509AuthoritiesPopulator
- Parameters:
clientCert
- the X.509 certificate supplied
- Returns:
- the details of the indicated user (at minimum the granted authorities and the username)
- Throws:
AuthenticationException
- if the user details are not available or the certificate isn't valid for the
application's purpose.
setMessageSource
public void setMessageSource(org.springframework.context.MessageSource messageSource)
- Specified by:
setMessageSource
in interface org.springframework.context.MessageSourceAware
setSubjectDNRegex
public void setSubjectDNRegex(String subjectDNRegex)
- Sets the regular expression which will by used to extract the user name from the certificate's Subject
DN.
It should contain a single group; for example the default expression "CN=(.?)," matches the common
name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".
The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org,
CN=..." giving a user name "jimi@hendrix.org"
- Parameters:
subjectDNRegex
- the regular expression to find in the subject
setUserDetailsService
public void setUserDetailsService(UserDetailsService userDetailsService)
Copyright © 2004-2012 Interface21, Inc. All Rights Reserved.