Security argresolver

code/web/oauth/src/main/java/com/jl/crm/web/CurrentUser.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2002-2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.jl.crm.web;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
+import org.springframework.stereotype.Controller;
+
+/**
+ * Specifies to obtain {@link Authentication#getPrincipal()} for an MVC
+ * {@link Controller} argument. Alternatively, you can use
+ * {@link AuthenticationPrincipal} directly.
+ *
+ * @author Rob Winch
+ */
+@Target({ ElementType.PARAMETER})
+@Retention(RetentionPolicy.RUNTIME)
+@AuthenticationPrincipal
+public @interface CurrentUser {
+
+}

code/web/oauth/src/main/java/com/jl/crm/web/CurrentUserController.java

@@ -29,7 +29,7 @@ public CurrentUserController(UserLinks userLinks) {
 	}
 
 	@RequestMapping (value = "/user", method = RequestMethod.GET)
-	public HttpEntity<Resource<User>> currentUser(@ModelAttribute User self) {
+	public HttpEntity<Resource<User>> currentUser(@CurrentUser User self) {
 		List<Link> linkList = new ArrayList<Link>();
 		linkList.add(this.userLinks.getSelfLink(self));
 		linkList.add(this.userLinks.getPhotoLink(self));

code/web/pom.xml

@@ -8,7 +8,7 @@
     <version>1.0-SNAPSHOT</version>
     <properties>
         <m2eclipse.wtp.contextRoot>/</m2eclipse.wtp.contextRoot>
-        <spring-security.version>3.2.0.RC1</spring-security.version>
+        <spring-security.version>3.2.0.CI-SNAPSHOT</spring-security.version>
     </properties>
     <packaging>pom</packaging>
     <modules>

code/web/services/src/main/java/com/jl/crm/services/security/CrmUserDetailsService.java

@@ -27,16 +27,15 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 	}
 
 	@SuppressWarnings("serial")
-	public static class CrmUserDetails implements UserDetails {
+	public static class CrmUserDetails extends com.jl.crm.services.User implements UserDetails {
 		public static final String SCOPE_READ = "read";
 		public static final String SCOPE_WRITE = "write";
 		public static final String ROLE_USER = "ROLE_USER";
 		private Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
-		private com.jl.crm.services.User user;
 
 		public CrmUserDetails(com.jl.crm.services.User user) {
+			super(user);
 			Assert.notNull(user, "the provided user reference can't be null");
-			this.user = user;
 			for (String ga : Arrays.asList(ROLE_USER, SCOPE_READ, SCOPE_WRITE)) {
 				this.grantedAuthorities.add(new SimpleGrantedAuthority(ga));
 			}
@@ -47,16 +46,6 @@ public Collection<? extends GrantedAuthority> getAuthorities() {
 			return this.grantedAuthorities;
 		}
 
-		@Override
-		public String getPassword() {
-			return user.getPassword();
-		}
-
-		@Override
-		public String getUsername() {
-			return user.getUsername();
-		}
-
 		@Override
 		public boolean isAccountNonExpired() {
 			return isEnabled();
@@ -71,15 +60,5 @@ public boolean isAccountNonLocked() {
 		public boolean isCredentialsNonExpired() {
 			return isEnabled();
 		}
-
-		@Override
-		public boolean isEnabled() {
-			return user.isEnabled();
-		}
-
-		public com.jl.crm.services.User getUser() {
-			return this.user;
-		}
 	}
-
-}
+}