Created
March 9, 2012 19:34
-
-
Save zeroum/2008251 to your computer and use it in GitHub Desktop.
Implementação do UserDetailsService do Spring Security, com backend próprio da aplicação
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<sec:authentication-manager> | |
<sec:authentication-provider user-service-ref='myUserDetailsService'> | |
<sec:password-encoder hash="sha" /> | |
</sec:authentication-provider> | |
</sec:authentication-manager> | |
<bean id="myUserDetailsService" | |
class="zeroum.business.service.seguranca.impl.UserDetailsServiceImpl"> | |
</bean> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package zeroum.business.service.seguranca.impl; | |
import java.util.ArrayList; | |
import java.util.Collection; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.security.core.GrantedAuthority; | |
import org.springframework.security.core.userdetails.*; | |
import zeroum.business.service.seguranca.UsuarioService; | |
import zeroum.persistence.entity.seguranca.Perfil; | |
import zeroum.persistence.entity.seguranca.Usuario; | |
public class UserDetailsServiceImpl implements UserDetailsService { | |
@Autowired | |
private UsuarioService usuarioService; | |
@Override | |
public UserDetails loadUserByUsername(String username) | |
throws UsernameNotFoundException { | |
Usuario usuario = usuarioService.buscarUsuarioPorLogin(username); | |
if (usuario == null) | |
throw new UsernameNotFoundException("usuario.nao.encontrado"); | |
UserDetails userDetails = buildUserDetails(usuario); | |
return userDetails; | |
} | |
private UserDetails buildUserDetails(final Usuario usuario) { | |
return new UserDetails() { | |
private static final long serialVersionUID = 1L; | |
@Override | |
public boolean isEnabled() { | |
return usuario.isAtivo(); | |
} | |
@Override | |
public boolean isCredentialsNonExpired() { | |
return usuario.isAtivo(); | |
} | |
@Override | |
public boolean isAccountNonLocked() { | |
return usuario.isAtivo(); | |
} | |
@Override | |
public boolean isAccountNonExpired() { | |
return usuario.isAtivo(); | |
} | |
@Override | |
public String getUsername() { | |
return usuario.getLogin(); | |
} | |
@Override | |
public String getPassword() { | |
return usuario.getSenha(); | |
} | |
@Override | |
public Collection<? extends GrantedAuthority> getAuthorities() { | |
// Definindo a classe somente para poder parametriza-la na coleção | |
// abaixo, que é utilizada como retorno definido pelo Spring Security | |
class MySpringGrantedAuthority implements GrantedAuthority { | |
private static final long serialVersionUID = 1L; | |
@Override | |
public String getAuthority() { | |
return null; | |
} | |
} | |
Collection<MySpringGrantedAuthority> authorities = new ArrayList<MySpringGrantedAuthority>(); | |
for (final Perfil perfil : usuario.getPerfis()) { | |
authorities.add(new MySpringGrantedAuthority() { | |
private static final long serialVersionUID = 1L; | |
@Override | |
public String getAuthority() { | |
return perfil.getNomePerfil(); | |
} | |
}); | |
} | |
return authorities; | |
} | |
}; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 níveis de classes aninhadas é para poucos :)