01: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02: *
03: * Licensed under the Apache License, Version 2.0 (the "License");
04: * you may not use this file except in compliance with the License.
05: * You may obtain a copy of the License at
06: *
07: * http://www.apache.org/licenses/LICENSE-2.0
08: *
09: * Unless required by applicable law or agreed to in writing, software
10: * distributed under the License is distributed on an "AS IS" BASIS,
11: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12: * See the License for the specific language governing permissions and
13: * limitations under the License.
14: */
15:
16: package org.acegisecurity.providers.dao.salt;
17:
18: import org.acegisecurity.AuthenticationServiceException;
19:
20: import org.acegisecurity.providers.dao.SaltSource;
21:
22: import org.acegisecurity.userdetails.UserDetails;
23:
24: import org.springframework.beans.factory.InitializingBean;
25:
26: import java.lang.reflect.Method;
27:
28: /**
29: * Obtains a salt from a specified property of the {@link org.acegisecurity.userdetails.User} object.<P>This allows
30: * you to subclass <code>User</code> and provide an additional bean getter for a salt. You should use a synthetic
31: * value that does not change, such as a database primary key. Do not use <code>username</code> if it is likely to
32: * change.</p>
33: *
34: * @author Ben Alex
35: * @version $Id: ReflectionSaltSource.java 1519 2006-05-29 15:06:32Z benalex $
36: */
37: public class ReflectionSaltSource implements SaltSource,
38: InitializingBean {
39: //~ Instance fields ================================================================================================
40:
41: private String userPropertyToUse;
42:
43: //~ Methods ========================================================================================================
44:
45: public void afterPropertiesSet() throws Exception {
46: if ((this .getUserPropertyToUse() == null)
47: || "".equals(this .getUserPropertyToUse())) {
48: throw new IllegalArgumentException(
49: "A userPropertyToUse must be set");
50: }
51: }
52:
53: /**
54: * Performs reflection on the passed <code>User</code> to obtain the salt.<P>The property identified by
55: * <code>userPropertyToUse</code> must be available from the passed <code>User</code> object. If it is not
56: * available, an {@link AuthenticationServiceException} will be thrown.</p>
57: *
58: * @param user which contains the method identified by <code>userPropertyToUse</code>
59: *
60: * @return the result of invoking <code>user.userPropertyToUse()</code>
61: *
62: * @throws AuthenticationServiceException if reflection fails
63: */
64: public Object getSalt(UserDetails user) {
65: try {
66: Method reflectionMethod = user.getClass().getMethod(
67: this .userPropertyToUse, new Class[] {});
68:
69: return reflectionMethod.invoke(user, new Object[] {});
70: } catch (Exception exception) {
71: throw new AuthenticationServiceException(exception
72: .getMessage(), exception);
73: }
74: }
75:
76: public String getUserPropertyToUse() {
77: return userPropertyToUse;
78: }
79:
80: /**
81: * The method name to call to obtain the salt. If your <code>UserDetails</code> contains a
82: * <code>UserDetails.getSalt()</code> method, you should set this property to <code>getSalt</code>.
83: *
84: * @param userPropertyToUse the name of the <b>getter</b> to call to obtain the salt from the
85: * <code>UserDetails</code>
86: */
87: public void setUserPropertyToUse(String userPropertyToUse) {
88: this.userPropertyToUse = userPropertyToUse;
89: }
90: }
|