Class SpringSecurityLoaderImpl
- All Implemented Interfaces: SecurityLoader

SecurityLoader class, using the Spring framework to populate the SecurityContext from a JDBC datasource.
This security context used to optionally take a customerId (used to partition users across separate SaaS contexts), or an applicationId (used to partition permissions across separate software products). If not defined, then these columns did not need to be present in the database. This functionality has been deprecated.
I think we had String userids at one point as well, so look out for that.
This class has a number of initialisation properties that are specific to this class (in addition to those initialisation properties that are set by the SecurityContext itself):
- INIT_JDBCTEMPLATE - The Spring JdbcTemplate class used to retrieve information from a database.
- INIT_DATABASE_VENDOR - Set to one of the SqlGenerator.DATABASE_* constants, which specifies what syntax of SQL to use (DB2, Oracle or SqlServer).
- Author: knoxg

Field Summary
Fields (modifier and type, field, description):
- final CamelCaser auditCamelCaser - Column renamer for the SECURITYAUDITS table
- static final String INIT_CASE_INSENSITIVE_OBJ - Boolean object version of SecurityContext.INIT_CASE_INSENSITIVE string; set to false if missing
- static final String INIT_DATABASE_VENDOR - Database vendor for generated SQL.
- static final String INIT_JDBCTEMPLATE - Initialisation property key to set JdbcTemplate.
- static final org.apache.log4j.Logger logger - Logger for this class
- final CamelCaser permissionCamelCaser - Column renamer for the PERMISSION table
- final CamelCaser roleCamelCaser - Column renamer for the shouty ROLETABLE table
- final CamelCaser userCamelCaser - Column renamer for the USERS table

Constructor Summary
- SpringSecurityLoaderImpl()

Method Summary
Methods (modifier and type, method, description):
- void initialise(Map<String, Object> properties) - Initialise this loader.
- loadAllActivities(String resourceName) - Retrieve a list of all the activities that can be applied to resource for the current application context.
- loadAllPermissions() - Return a List of all Permissions available to this application
- loadAllResources() - Retrieve a list of all the resources under security for the current application context.
- loadAllRoleDetails() - Returns List of maps, where each map represents the details of a particular role.
- loadAllRolePermissions() - Load all role permissions.
- loadAllRoles() - Retrieve a list of all the roles that can be applied to a user for the current application context.
- loadAllUserDetails() - Returns List of maps, where each map represents the details of a particular user.
- loadAllUsers() - Retrieve a list of users in the current application context.
- loadRolePermissions(String role) - Return List of Permission associated with a particular role
- loadUser(long userId) - Load a user.
- loadUserPermissions(User user) - Retrieve per-user permission objects.
- loadUserRolePermissions(User user) - Return List of Permissions containing permissions contained for all roles for a particular user.
- loadUserRoles(User user) - Retrieve a list of roles applied to a particular user for the current application context.
- void resetSecurityContext() - Resets the security context.
- void saveRolePermissions(String role, List<Permission> rolePermissions) - Persists the permission information for this role to the database.
- void saveUserRolesAndPermissions(User user, List<String> roles, List<Permission> userPermissions) - Persists the role and permission information recorded for this user to the database.

Field Details

logger
Logger for this class

INIT_JDBCTEMPLATE
Initialisation property key to set JdbcTemplate.

INIT_DATABASE_VENDOR
Database vendor for generated SQL. Should be one of the SqlGenerator.DB_* constants.

INIT_CASE_INSENSITIVE_OBJ
Boolean object version of SecurityContext.INIT_CASE_INSENSITIVE string; set to false if missing

roleCamelCaser
Column renamer for the shouty ROLETABLE table

userCamelCaser
Column renamer for the USERS table

permissionCamelCaser
Column renamer for the PERMISSION table

auditCamelCaser
Column renamer for the SECURITYAUDITS table

Constructor Details

SpringSecurityLoaderImpl
public SpringSecurityLoaderImpl()

Method Details

initialise
Initialise this loader. The properties Map passed into this method must contain the following attributes:
- jdbcTemplate - a JdbcTemplate object connected to a datasource
- databaseVendor - one of the SqlGenerator.DATABASE_* constants, defining what syntax of SQL to generate from this class.
- Specified by: initialise in interface SecurityLoader
- Parameters: properties - Initialisation properties for this loader.

loadAllRolePermissions
Load all role permissions. Return a structured list of application-specific Permission objects which is used to preload the SecurityContext rolePermission cache. Each permission returned must be a role-based Permission.
- Specified by: loadAllRolePermissions in interface SecurityLoader
- Returns: A List of Permission objects for all roles in the current application. Does not return Permissions that are not explicitly associated with a role in the security table.
- Throws: IOException - if an error occurred loading from the database. This IOException will always contain a Spring DataAccessException which can be accessed in its .getCause() method.

loadUserPermissions
Retrieve per-user permission objects. Returns the list of permissions assigned to this user.
- Specified by: loadUserPermissions in interface SecurityLoader
- Throws: IOException - if an error occurred loading from the database. This IOException will always contain a Spring DataAccessException which can be accessed in its .getCause() method.

loadUserRoles
Retrieve a list of roles applied to a particular user for the current application context.
- Specified by: loadUserRoles in interface SecurityLoader
- Returns: List of roles, represented as Strings

loadRolePermissions
Return List of Permission associated with a particular role
- Specified by: loadRolePermissions in interface SecurityLoader
- Parameters: role
- Returns: A List of Permission objects that apply to that role

loadUserRolePermissions
Return List of Permissions containing permissions contained for all roles for a particular user. Note that if a user contains multiple roles that have permissions that apply to the same activity/resource combinations, then that will be reflected in the returned list.
- Specified by: loadUserRolePermissions in interface SecurityLoader
- Parameters: userid - Name of user we are interested in.
- Returns: A List of Maps

loadAllPermissions
Return a List of all Permissions available to this application
- Specified by: loadAllPermissions in interface SecurityLoader
- Returns: a List of Permissions available to this application

loadUser
Description copied from interface: SecurityLoader
Load a user. Will not load any role or permission data for that user. Will probably throw an IOException if the user doesn't exist.
- Specified by: loadUser in interface SecurityLoader
- Returns: a User object.
- Throws: IOException

loadAllUsers
Retrieve a list of users in the current application context. Return a list of User objects representing all users contained in this security context. Permission information relating to that user is not populated unless the 'populatePermission' parameter is set to true. The information returned by this function may be cached, depending on the initialisation properties of the security context.
- Specified by: loadAllUsers in interface SecurityLoader
- Returns: A List of Users.
- Throws: IOException - if an error occurred loading from the database. This IOException will always contain a Spring DataAccessException which can be accessed via java.lang.Throwable#getCause

loadAllResources
Retrieve a list of all the resources under security for the current application context.
- Specified by: loadAllResources in interface SecurityLoader
- Returns: List of maps, each map represents resource

loadAllActivities
Retrieve a list of all the activities that can be applied to resource for the current application context.
- Specified by: loadAllActivities in interface SecurityLoader
- Parameters: resourceName - The resource we wish to retrieve activities for
- Returns: List of maps, each map represents an activity.

loadAllRoles
Retrieve a list of all the roles that can be applied to a user for the current application context.
- Specified by: loadAllRoles in interface SecurityLoader
- Returns: List of maps, each map represents a role.

loadAllRoleDetails
Returns List of maps, where each map represents the details of a particular role.
- Specified by: loadAllRoleDetails in interface SecurityLoader
- Returns: A List of Roles, in Map format.

loadAllUserDetails
Returns List of maps, where each map represents the details of a particular user.
- Specified by: loadAllUserDetails in interface SecurityLoader
- Returns: A List of Users, in Map format.

resetSecurityContext
Resets the security context. This security context holds no state, so this method does nothing.
- Specified by: resetSecurityContext in interface SecurityLoader

saveUserRolesAndPermissions
public void saveUserRolesAndPermissions(User user, List<String> roles, List<Permission> userPermissions) throws IOException
Description copied from interface: SecurityLoader
Persists the role and permission information recorded for this user to the database. Existing role and permission information in the database will be removed.
- Specified by: saveUserRolesAndPermissions in interface SecurityLoader
- Parameters: user - The user to persist
- Throws: IOException

saveRolePermissions
Description copied from interface: SecurityLoader
Persists the permission information for this role to the database. Existing permission information in the database will be removed.
- Specified by: saveRolePermissions in interface SecurityLoader
- Throws: IOException