org.springframework.ws.soap.security.x509.populator
Class DaoX509AuthoritiesPopulator

java.lang.Object
  org.springframework.ws.soap.security.x509.populator.DaoX509AuthoritiesPopulator

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, X509AuthoritiesPopulator

public class DaoX509AuthoritiesPopulator
extends Object
implements X509AuthoritiesPopulator, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware

Populates the X509 authorities via an UserDetailsService.

Migrated from Spring Security 2 since it has been removed in Spring Security 3.

Version:

$Id: DaoX509AuthoritiesPopulator.java 2544 2008-01-29 11:50:33Z luke_t $

Author:

Luke Taylor

Field Summary

protected org.springframework.context.support.MessageSourceAccessor

messages

Constructor Summary

DaoX509AuthoritiesPopulator()

Method Summary

void	afterPropertiesSet()
org.springframework.security.core.userdetails.UserDetails	getUserDetails(X509Certificate clientCert) Obtains the granted authorities for the specified user.
void	setMessageSource(org.springframework.context.MessageSource messageSource)
void	setSubjectDNRegex(String subjectDNRegex) Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.
void	setUserDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

messages

protected org.springframework.context.support.MessageSourceAccessor messages

Constructor Detail

DaoX509AuthoritiesPopulator

public DaoX509AuthoritiesPopulator()

Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Throws:

Exception

getUserDetails

public org.springframework.security.core.userdetails.UserDetails getUserDetails(X509Certificate clientCert)
                                                                         throws org.springframework.security.core.AuthenticationException

Description copied from interface: X509AuthoritiesPopulator

Obtains the granted authorities for the specified user.

May throw any AuthenticationException or return null if the authorities are unavailable.

Specified by:

getUserDetails in interface X509AuthoritiesPopulator

Parameters:

clientCert - the X.509 certificate supplied

Returns:

the details of the indicated user (at minimum the granted authorities and the username)

Throws:

org.springframework.security.core.AuthenticationException - if the user details are not available or the certificate isn't valid for the application's purpose.

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)

Specified by:

setMessageSource in interface org.springframework.context.MessageSourceAware

setSubjectDNRegex

public void setSubjectDNRegex(String subjectDNRegex)

Sets the regular expression which will by used to extract the user name from the certificate's Subject DN.

It should contain a single group; for example the default expression "CN=(.?)," matches the common name field. So "CN=Jimi Hendrix, OU=..." will give a user name of "Jimi Hendrix".

The matches are case insensitive. So "emailAddress=(.?)," will match "EMAILADDRESS=jimi@hendrix.org, CN=..." giving a user name "jimi@hendrix.org"

Parameters:

subjectDNRegex - the regular expression to find in the subject

setUserDetailsService

public void setUserDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)