Implementing UserDetails

As mentioned earlier, the UserDetails object is saved in the Authentication object, which is in turn saved in the HttpSession. It is therefore important to keep as little data as possible inside UserDetails. The following is SimpleUser, which implements UserDetails:

    ...
    public class SimpleUser implements UserDetails, Serializable {
      ...
      private long userId;
      private String username;
      private String password;

      public SimpleUser(User user) {
        this.userId = user.getId();
        this.username = user.getUsername();
        this.password = user.getPassword();
      }

      // Getters of the three properties
      ...
      public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
      }
      public boolean isAccountNonExpired() { return true; }
      public boolean isAccountNonLocked() { return true; }
      public boolean isCredentialsNonExpired() { return true; }
      public boolean isEnabled() { return true; }
      ...
    }

As you can see, this SimpleUser is read-only after being created from a User object. The username is kept here so that we can use it to find out who the authenticated user is.
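The following added example (not the book's code) goes one step beyond the text on keeping session-stored data small: a hypothetical ErasableSimpleUser also implements Spring Security's CredentialsContainer, so the password hash can be cleared once authentication has succeeded and does not travel into the serialized session. ProviderManager erases credentials after a successful authentication by default, and that call reaches a principal implementing this interface. The class name, the constructor taking raw values instead of the book's User, and the sample hash are assumptions.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import java.util.Collections;
import org.springframework.security.core.CredentialsContainer;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

// Hypothetical variant of SimpleUser, not the book's class.
public class ErasableSimpleUser implements UserDetails, CredentialsContainer {
    private static final long serialVersionUID = 1L;
    private final long userId;
    private final String username;
    private String password; // not final so eraseCredentials() can clear it

    public ErasableSimpleUser(long userId, String username, String password) {
        this.userId = userId;
        this.username = username;
        this.password = password;
    }

    public long getUserId() { return userId; }
    @Override public String getUsername() { return username; }
    @Override public String getPassword() { return password; }
    @Override public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
    }
    @Override public boolean isAccountNonExpired() { return true; }
    @Override public boolean isAccountNonLocked() { return true; }
    @Override public boolean isCredentialsNonExpired() { return true; }
    @Override public boolean isEnabled() { return true; }

    // Invoked on the principal when the Authentication's credentials are erased.
    @Override public void eraseCredentials() { this.password = null; }

    // True if the Java-serialized form (what a session store persists) contains the marker.
    static boolean serializedFormContains(Object o, String marker) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return new String(buf.toByteArray(), StandardCharsets.ISO_8859_1).contains(marker);
    }

    public static void main(String[] args) throws IOException {
        String hash = "{bcrypt}CONSTRUCTED-SAMPLE-HASH"; // constructed value, not a real hash
        ErasableSimpleUser user = new ErasableSimpleUser(1L, "alice", hash);
        System.out.println("before erase: " + serializedFormContains(user, hash));
        user.eraseCredentials();
        System.out.println("after erase:  " + serializedFormContains(user, hash));
    }
}
```

If the UserDetailsService returns cached instances, hand out a fresh copy per login, because erasing the password on a shared cached object would make later authentications against it fail.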
