public class User extends Object implements UserDetails, CredentialsContainer
UserDetailsService.
Developers may use this class directly, subclass it, or write their own
UserDetails implementation from scratch.
equals and hashcode implementations are based on the username
property only, as the intention is that lookups of the same user principal object (in a
user registry, for example) will match where the objects represent the same user, not
just when all the properties (authorities, password for example) are the same.
Note that this implementation is not immutable. It implements the
CredentialsContainer interface, in order to allow the password to be erased
after authentication. This may cause side-effects if you are storing instances
in-memory and reusing them. If so, make sure you return a copy from your
UserDetailsService each time it is invoked.
| Constructor and Description |
|---|
User(String username,
String password,
boolean enabled,
boolean accountNonExpired,
boolean credentialsNonExpired,
boolean accountNonLocked,
Collection<? extends GrantedAuthority> authorities)
Construct the
User with the details required by
DaoAuthenticationProvider. |
User(String username,
String password,
Collection<? extends GrantedAuthority> authorities)
Calls the more complex constructor with all boolean arguments set to
true. |
| Modifier and Type | Method and Description |
|---|---|
boolean |
equals(Object rhs)
Returns
true if the supplied object is a User instance with the
same username value. |
void |
eraseCredentials() |
Collection<GrantedAuthority> |
getAuthorities()
Returns the authorities granted to the user.
|
String |
getPassword()
Returns the password used to authenticate the user.
|
String |
getUsername()
Returns the username used to authenticate the user.
|
int |
hashCode()
Returns the hashcode of the
username. |
boolean |
isAccountNonExpired()
Indicates whether the user's account has expired.
|
boolean |
isAccountNonLocked()
Indicates whether the user is locked or unlocked.
|
boolean |
isCredentialsNonExpired()
Indicates whether the user's credentials (password) has expired.
|
boolean |
isEnabled()
Indicates whether the user is enabled or disabled.
|
String |
toString() |
public User(String username, String password, Collection<? extends GrantedAuthority> authorities)
true.public User(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities)
User with the details required by
DaoAuthenticationProvider.username - the username presented to the
DaoAuthenticationProviderpassword - the password that should be presented to the
DaoAuthenticationProviderenabled - set to true if the user is enabledaccountNonExpired - set to true if the account has not expiredcredentialsNonExpired - set to true if the credentials have not
expiredaccountNonLocked - set to true if the account is not lockedauthorities - the authorities that should be granted to the caller if they
presented the correct username and password and the user is enabled. Not null.IllegalArgumentException - if a null value was passed either as
a parameter or as an element in the GrantedAuthority collectionpublic Collection<GrantedAuthority> getAuthorities()
UserDetailsnull.getAuthorities in interface UserDetailsnull)public String getPassword()
UserDetailsgetPassword in interface UserDetailspublic String getUsername()
UserDetailsnull
.getUsername in interface UserDetailsnull)public boolean isEnabled()
UserDetailsisEnabled in interface UserDetailstrue if the user is enabled, false otherwisepublic boolean isAccountNonExpired()
UserDetailsisAccountNonExpired in interface UserDetailstrue if the user's account is valid (ie non-expired),
false if no longer valid (ie expired)public boolean isAccountNonLocked()
UserDetailsisAccountNonLocked in interface UserDetailstrue if the user is not locked, false otherwisepublic boolean isCredentialsNonExpired()
UserDetailsisCredentialsNonExpired in interface UserDetailstrue if the user's credentials are valid (ie non-expired),
false if no longer valid (ie expired)public void eraseCredentials()
eraseCredentials in interface CredentialsContainerpublic boolean equals(Object rhs)
true if the supplied object is a User instance with the
same username value.
In other words, the objects are equal if they have the same username, representing the same principal.
public int hashCode()
username.