Java tutorial
/* Copyright 2012 Tim Garrett, Mothsoft LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.mothsoft.alexis.service.security; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.transaction.PlatformTransactionManager; import org.springframework.transaction.TransactionStatus; import org.springframework.transaction.support.TransactionCallback; import org.springframework.transaction.support.TransactionTemplate; import com.mothsoft.alexis.dao.UserDao; import com.mothsoft.alexis.domain.UserAuthenticationDetails; public class AlexisApiAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider { private UserDetailsService userDetailsService; private UserDao userDao; private PlatformTransactionManager transactionManager; private TransactionTemplate transactionTemplate; public AlexisApiAuthenticationProvider(UserDetailsService userDetailsService, UserDao userDao, PlatformTransactionManager transactionManager) { this.userDetailsService = userDetailsService; this.userDao = userDao; this.transactionManager = transactionManager; this.transactionTemplate = new TransactionTemplate(this.transactionManager); } public void setUserDetailsService(UserDetailsService userDetailsService) { this.userDetailsService = userDetailsService; } @Override protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken token) throws AuthenticationException { } @Override protected UserDetails retrieveUser(final String username, final UsernamePasswordAuthenticationToken token) throws AuthenticationException { return this.transactionTemplate.execute(new TransactionCallback<UserDetails>() { @Override public UserDetails doInTransaction(TransactionStatus arg0) { final String apiToken = String.valueOf(token.getCredentials()); final boolean valid = AlexisApiAuthenticationProvider.this.userDao.authenticate(username, apiToken); if (!valid) { throw new BadCredentialsException(username); } final UserDetails userDetails = AlexisApiAuthenticationProvider.this.userDetailsService .loadUserByUsername(username); final UserDetails toReturn = new UserAuthenticationDetails((UserAuthenticationDetails) userDetails, apiToken); return toReturn; } }); } }