Class RejectUserPreAuthenticationChecks

java.lang.Object
org.springframework.security.authentication.AccountStatusUserDetailsChecker
de.hybris.platform.spring.security.RejectUserPreAuthenticationChecks
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware, org.springframework.security.core.userdetails.UserDetailsChecker

public class RejectUserPreAuthenticationChecks extends org.springframework.security.authentication.AccountStatusUserDetailsChecker
Used by CoreAuthenticationProvider.

The setup below rejects login attempts of user 'foo' (UID based restriction) and of customers in general (type based restriction).

See: /ext/cockpit/resources/cockpit/cockpit-spring-security.xml

        
                
                        
                                foo
                        
                
                
                        
                                Customer
                        
                
        
 
  • Field Details

    • messages

      protected org.springframework.context.support.MessageSourceAccessor messages
  • Constructor Details

    • RejectUserPreAuthenticationChecks

      public RejectUserPreAuthenticationChecks()
  • Method Details

    • setAllowedUserTypes

      public void setAllowedUserTypes(Collection<String> allowedUserTypes)
    • setAllowedUserGroups

      public void setAllowedUserGroups(Collection<String> allowedUserGroups)
    • check

      public void check(org.springframework.security.core.userdetails.UserDetails userDetails)
      Specified by:
      check in interface org.springframework.security.core.userdetails.UserDetailsChecker
      Overrides:
      check in class org.springframework.security.authentication.AccountStatusUserDetailsChecker
    • getPKFromUserDetails

      protected PK getPKFromUserDetails(org.springframework.security.core.userdetails.UserDetails userDetails)
    • getUserByPK

      protected User getUserByPK(PK userPK)
    • getUserByLogin

      protected User getUserByLogin(String login)
    • checkForAllowedGroups

      protected void checkForAllowedGroups(User user)
    • checkUserType

      protected void checkUserType(User user)
    • getComposedType

      protected ComposedType getComposedType(String code)