diff --git a/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java b/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
index 76da5d3e54..1e89a4d15e 100644
--- a/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
+++ b/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -84,6 +84,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
private String authoritiesByUsernameQuery;
private String rolePrefix = "";
private String usersByUsernameQuery;
+ private boolean usernameBasedPrimaryKey = true;
//~ Constructors ===========================================================
@@ -139,6 +140,28 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
return rolePrefix;
}
+ /**
+ * If true (the default), indicates the {@link
+ * #getUsersByUsernameMapping()} returns a username in response to a
+ * query. If false, indicates that a primary key is used
+ * instead. If set to true, the class will use the
+ * database-derived username in the returned UserDetails. If
+ * false, the class will use the {@link
+ * #loadUserByUsername(String)} derived username in the returned
+ * UserDetails.
+ *
+ * @param usernameBasedPrimaryKey true if the mapping queries
+ * return the username String, or false
+ * if the mapping returns a database primary key.
+ */
+ public void setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey) {
+ this.usernameBasedPrimaryKey = usernameBasedPrimaryKey;
+ }
+
+ public boolean isUsernameBasedPrimaryKey() {
+ return usernameBasedPrimaryKey;
+ }
+
public void setUsersByUsernameMapping(MappingSqlQuery usersByUsernameQuery) {
this.usersByUsernameMapping = usersByUsernameQuery;
}
@@ -191,8 +214,14 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths);
- return new User(user.getUsername(), user.getPassword(),
- user.isEnabled(), true, true, true, arrayAuths);
+ String returnUsername = user.getUsername();
+
+ if (!usernameBasedPrimaryKey) {
+ returnUsername = username;
+ }
+
+ return new User(returnUsername, user.getPassword(), user.isEnabled(),
+ true, true, true, arrayAuths);
}
/**
diff --git a/doc/xdocs/changes.xml b/doc/xdocs/changes.xml
index f4f887cadd..cb1e1b0fdd 100644
--- a/doc/xdocs/changes.xml
+++ b/doc/xdocs/changes.xml
@@ -26,6 +26,7 @@
+ JdbcDaoImpl modified to support synthetic primary keys
Greatly improve BasicAclEntryAfterInvocationCollectionFilteringProvider performance with large collections (if the principal has access to relatively few collection elements)
Reorder DaoAuthenticationProvider exception logic as per developer list discussion
ContextHolder refactored and replaced by SecurityContextHolder
@@ -34,6 +35,7 @@
AnonymousProcessingFilter offers protected method to control when it should execute
AbstractAuthenticationToken.getName() now returns username alone if UserDetails present
AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name
+ JavaDoc improvements
Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml