root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 5 Packages Projects Releases Wiki Activity

SEC-536: Added account status checking to Siteminder provider

This commit is contained in:
Luke Taylor 2008-02-18 12:35:18 +00:00
parent 3c011685cd
commit 6575f5af1c
1 changed files with 6 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
core/src/main/java/org/springframework/security/providers/siteminder/SiteminderAuthenticationProvider.java
View File

@ -26,6 +26,9 @@ import org.springframework.security.providers.UsernamePasswordAuthenticationToke
import org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider; import org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService; import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UserDetailsChecker;
import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.dao.DataAccessException; import org.springframework.dao.DataAccessException;
@ -39,18 +42,13 @@ import org.springframework.util.Assert;
*/ */
public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider { public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
/**
* Our logging object
*/
private static final Log logger = LogFactory.getLog(SiteminderAuthenticationProvider.class);
//~ Instance fields ================================================================================================ //~ Instance fields ================================================================================================
/** /**
* Our user details service (which does the real work of checking the user against a back-end user store). * Our user details service (which does the real work of checking the user against a back-end user store).
*/ */
private UserDetailsService userDetailsService; private UserDetailsService userDetailsService;
private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@ -63,26 +61,8 @@ public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthent
// No need for password authentication checks - we only expect one identifying string // No need for password authentication checks - we only expect one identifying string
// from the HTTP Request header (as populated by Siteminder), but we do need to see if // from the HTTP Request header (as populated by Siteminder), but we do need to see if
// the user's account is OK to let them in. // the user's account is OK to let them in.
if (!user.isEnabled()) {
throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled",
"Account disabled"));
}
if (!user.isAccountNonExpired()) {
throw new AccountExpiredException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired",
"Account expired"));
}
if (!user.isAccountNonLocked()) {
throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
"Account locked"));
}
if (!user.isCredentialsNonExpired()) {
throw new CredentialsExpiredException(messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.credentialsExpired", "Credentials expired"));
}
userDetailsChecker.check(user);
} }
/** /**