首页 发现 帮助
注册 登录
github
/
spring-security
镜像自地址 https://github.com/spring-projects/spring-security
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Added support for locking user accounts in namespace <user-service> "user" elements (for use in testing).

Luke Taylor 17 年之前
父节点
2343577fec
当前提交
d3f26f09b6
共有 3 个文件被更改,包括 21 次插入2 次删除
分列视图 显示文件统计
  1. 6 2
      core/src/main/java/org/springframework/security/config/UserServiceBeanDefinitionParser.java
  2. 4 0
      core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
  3. 11 0
      core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

+ 6 - 2
core/src/main/java/org/springframework/security/config/UserServiceBeanDefinitionParser.java
查看文件 

@@ -28,8 +28,10 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB
 
 	static final String ELT_USER = "user";
 
 	static final String ATT_AUTHORITIES = "authorities";
 
 	static final String ATT_PROPERTIES = "properties";
 
+	static final String ATT_DISABLED = "disabled";
 
+    static final String ATT_LOCKED = "locked";
 
 
-	protected Class getBeanClass(Element element) {
 
+    protected Class getBeanClass(Element element) {
 
         return InMemoryDaoImpl.class;
 
     }
 
 
@@ -57,8 +59,10 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB
 
             Element userElt = (Element) i.next();
 
             String userName = userElt.getAttribute(ATT_NAME);
 
             String password = userElt.getAttribute(ATT_PASSWORD);
 
+            boolean locked = "true".equals(userElt.getAttribute(ATT_LOCKED));
 
+            boolean disabled = "true".equals(userElt.getAttribute(ATT_DISABLED));
 
 
-            users.addUser(new User(userName, password, true, true, true, true,
 
+            users.addUser(new User(userName, password, !disabled, true, true, !locked,
 
                     AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute(ATT_AUTHORITIES))));
 
         }

+ 4 - 0
core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
查看文件 

@@ -302,6 +302,10 @@ user.attlist &=
 
 user.attlist &=
 
 	  ## One of more authorities granted to the user. Separate authorities with a comma (but no space). For example, "ROLE_USER,ROLE_ADMINISTRATOR"
 
     attribute authorities {xsd:string}
 
+user.attlist &=
 
+	  ## Can be set to "true" to mark an account as locked and unusable.
 
+    attribute locked {"true" | "false"}?
 
+
 
 
 jdbc-user-service =
 
 	  ## Causes creation of a JDBC-based UserDetailsService.

+ 11 - 0
core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
查看文件 

@@ -705,6 +705,17 @@
 
         <xs:documentation>One of more authorities granted to the user. Separate authorities with a comma (but no space). For example, "ROLE_USER,ROLE_ADMINISTRATOR"</xs:documentation>
 
       </xs:annotation>
 
     </xs:attribute>
 
+    <xs:attribute name="locked">
 
+      <xs:annotation>
 
+        <xs:documentation>Can be set to "true" to mark an account as locked and unusable.</xs:documentation>
 
+      </xs:annotation>
 
+      <xs:simpleType>
 
+        <xs:restriction base="xs:token">
 
+          <xs:enumeration value="true"/>
 
+          <xs:enumeration value="false"/>
 
+        </xs:restriction>
 
+      </xs:simpleType>
 
+    </xs:attribute>
 
   </xs:attributeGroup>
 
   <xs:element name="jdbc-user-service">
 
     <xs:annotation>