View Javadoc

1   package org.springframework.security.config;
2   
3   import org.springframework.beans.factory.config.BeanDefinition;
4   import org.springframework.beans.factory.config.PropertiesFactoryBean;
5   import org.springframework.beans.factory.support.BeanDefinitionBuilder;
6   import org.springframework.beans.factory.support.RootBeanDefinition;
7   import org.springframework.beans.factory.xml.ParserContext;
8   import org.springframework.beans.factory.BeanDefinitionStoreException;
9   import org.springframework.security.userdetails.memory.UserMap;
10  import org.springframework.security.userdetails.User;
11  import org.springframework.security.util.AuthorityUtils;
12  import org.springframework.util.StringUtils;
13  import org.springframework.util.CollectionUtils;
14  import org.springframework.util.xml.DomUtils;
15  import org.w3c.dom.Element;
16  
17  import java.util.List;
18  import java.util.Iterator;
19  
20  /**
21   * @author Luke Taylor
22   * @author Ben Alex
23   * @version $Id: UserServiceBeanDefinitionParser.java 3086 2008-05-23 21:30:57Z luke_t $
24   */
25  public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
26  
27      static final String ATT_PASSWORD = "password";
28      static final String ATT_NAME = "name";
29      static final String ELT_USER = "user";
30      static final String ATT_AUTHORITIES = "authorities";
31      static final String ATT_PROPERTIES = "properties";
32      static final String ATT_DISABLED = "disabled";
33      static final String ATT_LOCKED = "locked";
34  
35      protected String getBeanClassName(Element element) {
36          return "org.springframework.security.userdetails.memory.InMemoryDaoImpl";
37      }
38  
39      protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
40          String userProperties = element.getAttribute(ATT_PROPERTIES);
41          List userElts = DomUtils.getChildElementsByTagName(element, ELT_USER);
42  
43          if (StringUtils.hasText(userProperties)) {
44  
45              if(!CollectionUtils.isEmpty(userElts)) {
46                  throw new BeanDefinitionStoreException("Use of a properties file and user elements are mutually exclusive");
47              }
48  
49              BeanDefinition bd = new RootBeanDefinition(PropertiesFactoryBean.class);
50              bd.getPropertyValues().addPropertyValue("location", userProperties);
51              builder.addPropertyValue("userProperties", bd);
52  
53              return;
54          }
55  
56          if(CollectionUtils.isEmpty(userElts)) {
57              throw new BeanDefinitionStoreException("You must supply user definitions, either with <" + ELT_USER + "> child elements or a " +
58                  "properties file (using the '" + ATT_PROPERTIES + "' attribute)" );
59          }
60          
61          UserMap users = new UserMap();
62  
63          for (Iterator i = userElts.iterator(); i.hasNext();) {
64              Element userElt = (Element) i.next();
65              String userName = userElt.getAttribute(ATT_NAME);
66              String password = userElt.getAttribute(ATT_PASSWORD);
67              boolean locked = "true".equals(userElt.getAttribute(ATT_LOCKED));
68              boolean disabled = "true".equals(userElt.getAttribute(ATT_DISABLED));
69  
70              users.addUser(new User(userName, password, !disabled, true, true, !locked,
71                      AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute(ATT_AUTHORITIES))));
72          }
73  
74          builder.addPropertyValue("userMap", users);
75      }
76  }