Skip to content

Instantly share code, notes, and snippets.

@zeroum

zeroum/UserDetailsServiceImpl.java

Created March 9, 2012 19:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save zeroum/2008251 to your computer and use it in GitHub Desktop.
Save zeroum/2008251 to your computer and use it in GitHub Desktop.
Download ZIP
Implementação do UserDetailsService do Spring Security, com backend próprio da aplicação
Raw
spring-security.xml
<sec:authentication-manager>
<sec:authentication-provider user-service-ref='myUserDetailsService'>
<sec:password-encoder hash="sha" />
</sec:authentication-provider>
</sec:authentication-manager>
<bean id="myUserDetailsService"
class="zeroum.business.service.seguranca.impl.UserDetailsServiceImpl">
</bean>
Raw
UserDetailsServiceImpl.java
package zeroum.business.service.seguranca.impl;
import java.util.ArrayList;
import java.util.Collection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.*;
import zeroum.business.service.seguranca.UsuarioService;
import zeroum.persistence.entity.seguranca.Perfil;
import zeroum.persistence.entity.seguranca.Usuario;
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private UsuarioService usuarioService;
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
Usuario usuario = usuarioService.buscarUsuarioPorLogin(username);
if (usuario == null)
throw new UsernameNotFoundException("usuario.nao.encontrado");
UserDetails userDetails = buildUserDetails(usuario);
return userDetails;
}
private UserDetails buildUserDetails(final Usuario usuario) {
return new UserDetails() {
private static final long serialVersionUID = 1L;
@Override
public boolean isEnabled() {
return usuario.isAtivo();
}
@Override
public boolean isCredentialsNonExpired() {
return usuario.isAtivo();
}
@Override
public boolean isAccountNonLocked() {
return usuario.isAtivo();
}
@Override
public boolean isAccountNonExpired() {
return usuario.isAtivo();
}
@Override
public String getUsername() {
return usuario.getLogin();
}
@Override
public String getPassword() {
return usuario.getSenha();
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
// Definindo a classe somente para poder parametriza-la na coleção
// abaixo, que é utilizada como retorno definido pelo Spring Security
class MySpringGrantedAuthority implements GrantedAuthority {
private static final long serialVersionUID = 1L;
@Override
public String getAuthority() {
return null;
}
}
Collection<MySpringGrantedAuthority> authorities = new ArrayList<MySpringGrantedAuthority>();
for (final Perfil perfil : usuario.getPerfis()) {
authorities.add(new MySpringGrantedAuthority() {
private static final long serialVersionUID = 1L;
@Override
public String getAuthority() {
return perfil.getNomePerfil();
}
});
}
return authorities;
}
};
}
}
@sergiolopes
Copy link

4 níveis de classes aninhadas é para poucos :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment