Created
June 4, 2012 18:41
-
-
Save dwelch2344/2870116 to your computer and use it in GitHub Desktop.
A simple UserDetailsAuthenticationProvider for SpringSecurity
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <beans xmlns="http://www.springframework.org/schema/beans" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:context="http://www.springframework.org/schema/context" | |
| xmlns:tx="http://www.springframework.org/schema/tx" | |
| xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd | |
| http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd | |
| http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd" | |
| default-autowire="byName"> | |
| <tx:annotation-driven /> | |
| <!-- Scans within the base package of the application for @Components to configure as beans --> | |
| <context:component-scan base-package="your.package.here" /> | |
| </beans> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.example; | |
| import java.util.Collections; | |
| import java.util.List; | |
| import java.util.logging.Logger; | |
| import org.springframework.security.authentication.BadCredentialsException; | |
| import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | |
| import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider; | |
| import org.springframework.security.core.AuthenticationException; | |
| import org.springframework.security.core.GrantedAuthority; | |
| import org.springframework.security.core.userdetails.User; | |
| import org.springframework.security.core.userdetails.UserDetails; | |
| public class HardCodedUserDetailsAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider{ | |
| private Logger logger = Logger.getLogger( getClass().getName() ); | |
| private final String username, password; | |
| public HardCodedUserDetailsAuthenticationProvider(String username, String password) { | |
| super(); | |
| this.username = username; | |
| this.password = password; | |
| } | |
| @Override | |
| protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) | |
| throws AuthenticationException { | |
| logger.info( String.format("additionalAuthenticationChecks requested on %s details with %s authentication", userDetails, authentication) ); | |
| } | |
| @Override | |
| protected UserDetails retrieveUser(String username, | |
| UsernamePasswordAuthenticationToken authentication) | |
| throws AuthenticationException { | |
| Object creds = authentication.getCredentials(); | |
| if( creds != null && String.class.isAssignableFrom(creds.getClass()) ){ | |
| String pw = (String) creds; | |
| if( this.username.equalsIgnoreCase(username) && this.password.equals(pw) ){ | |
| boolean enabled = true, | |
| accountNonExpired = true, | |
| credentialsNonExpired = true, | |
| accountNonLocked = true; | |
| List<GrantedAuthority> authorities = Collections.emptyList(); | |
| User user = new User(username, pw, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities ); | |
| return user; | |
| } | |
| throw new BadCredentialsException("Invalid credentials!!"); | |
| } | |
| // creds should never be null, so we shouldn't ever end up here | |
| throw new IllegalStateException("Unreachable code"); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <beans xmlns="http://www.springframework.org/schema/beans" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:security="http://www.springframework.org/schema/security" | |
| xmlns:context="http://www.springframework.org/schema/context" | |
| xmlns:util="http://www.springframework.org/schema/util" | |
| xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd | |
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd | |
| http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd | |
| http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd | |
| "> | |
| <bean id="org.springframework.security.authenticationManager" class="org.springframework.security.authentication.ProviderManager"> | |
| <property name="providers"> | |
| <util:list> | |
| <bean class="com.example.HardCodedUserDetailsAuthentcationProvider"> | |
| <constructor-arg index="0" value="user"/> | |
| <constructor-arg index="1" value="password"/> | |
| </bean> | |
| </util:list> | |
| </property> | |
| </bean> | |
| <security:http entry-point-ref="authenticationProcessingFilterEntryPoint" use-expressions="true" > | |
| <security:form-login login-processing-url="/doLogin"/> | |
| <security:anonymous /> | |
| </security:http> | |
| <bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> | |
| <property name="loginFormUrl" value="/login"/> | |
| </bean> | |
| </beans> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment