public class User
extends Object
implements CredentialsContainer, UserDetails

java.lang.Object
   ↳ org.springframework.security.core.userdetails.User

Class Overview

Models core user information retrieved by a UserDetailsService.

Developers may use this class directly, subclass it, or write their own UserDetails implementation from scratch.

The equals and hashCode implementations are based on the username property only, as the intention is that lookups of the same user principal object (in a user registry, for example) will match where the objects represent the same user, not just when all the properties (authorities and password, for example) are the same.

Note that this implementation is not immutable. It implements the CredentialsContainer interface, in order to allow the password to be erased after authentication. This may cause side-effects if you are storing instances in-memory and reusing them. If so, make sure you return a copy from your UserDetailsService each time it is invoked.
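The following added example (not part of the original documentation or of Spring Security's own code) shows a UserDetailsService that keeps User instances in memory and returns a fresh copy on every call, so that eraseCredentials() on the returned object cannot wipe the stored password. The class name CopyingUserDetailsService, the account "alice" and the password placeholder are assumptions made for illustration.

```java
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

// Hypothetical in-memory registry; class name and sample account are constructed.
public class CopyingUserDetailsService implements UserDetailsService {

    private final Map<String, User> registry = new ConcurrentHashMap<>();

    public CopyingUserDetailsService() {
        // Placeholder standing in for an encoded password hash, not a real credential.
        registry.put("alice", new User("alice", "{bcrypt}<encoded-hash-placeholder>",
                List.of(new SimpleGrantedAuthority("ROLE_USER"))));
    }

    @Override
    public UserDetails loadUserByUsername(String username) {
        User stored = registry.get(username);
        if (stored == null) {
            throw new UsernameNotFoundException("No such user");
        }
        // Fresh instance per call: erasing credentials on it leaves the registry entry alone.
        return new User(stored.getUsername(), stored.getPassword(),
                stored.isEnabled(), stored.isAccountNonExpired(),
                stored.isCredentialsNonExpired(), stored.isAccountNonLocked(),
                stored.getAuthorities());
    }

    public static void main(String[] args) {
        CopyingUserDetailsService service = new CopyingUserDetailsService();

        User first = (User) service.loadUserByUsername("alice");
        first.eraseCredentials(); // the step taken once authentication has finished

        // A second lookup must still carry the password for the next login attempt.
        UserDetails second = service.loadUserByUsername("alice");
        System.out.println("copy erased:       " + (first.getPassword() == null));
        System.out.println("registry intact:   " + (second.getPassword() != null));
        // Equality is username-only, so the erased copy still matches the same principal.
        System.out.println("same principal:    " + first.equals(second));
    }
}
```

Returning the stored instance directly would make the first eraseCredentials() call clear the password for every later lookup of that user.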

Summary

Public Constructors
User(String username, String password, Collection<? extends GrantedAuthority> authorities)
Calls the more complex constructor with all boolean arguments set to true.
User(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities)
Construct the User with the details required by DaoAuthenticationProvider.
Public Methods
boolean equals(Object rhs)
Returns true if the supplied object is a User instance with the same username value.
void eraseCredentials()
Collection<GrantedAuthority> getAuthorities()
Returns the authorities granted to the user.
String getPassword()
Returns the password used to authenticate the user.
String getUsername()
Returns the username used to authenticate the user.
int hashCode()
Returns the hashcode of the username.
boolean isAccountNonExpired()
Indicates whether the user's account has expired.
boolean isAccountNonLocked()
Indicates whether the user is locked or unlocked.
boolean isCredentialsNonExpired()
Indicates whether the user's credentials (password) have expired.
boolean isEnabled()
Indicates whether the user is enabled or disabled.
String toString()
Inherited Methods
From class java.lang.Object
From interface org.springframework.security.core.CredentialsContainer
From interface org.springframework.security.core.userdetails.UserDetails

Public Constructors

public User (String username, String password, Collection<? extends GrantedAuthority> authorities)

Calls the more complex constructor with all boolean arguments set to true.

public User (String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities)

Construct the User with the details required by DaoAuthenticationProvider.

Parameters
username the username presented to the DaoAuthenticationProvider
password the password that should be presented to the DaoAuthenticationProvider
enabled set to true if the user is enabled
accountNonExpired set to true if the account has not expired
credentialsNonExpired set to true if the credentials have not expired
accountNonLocked set to true if the account is not locked
authorities the authorities that should be granted to the caller if they presented the correct username and password and the user is enabled. Not null.
Throws
IllegalArgumentException if a null value was passed either as a parameter or as an element in the GrantedAuthority collection

Public Methods

public boolean equals (Object rhs)

Returns true if the supplied object is a User instance with the same username value.

In other words, the objects are equal if they have the same username, representing the same principal.

public void eraseCredentials ()

public Collection<GrantedAuthority> getAuthorities ()

Returns the authorities granted to the user. Cannot return null.

Returns
  • the authorities, sorted by natural key (never null)

public String getPassword ()

Returns the password used to authenticate the user. Cannot return null.

Returns
  • the password (never null)

public String getUsername ()

Returns the username used to authenticate the user. Cannot return null.

Returns
  • the username (never null)

public int hashCode ()

Returns the hashcode of the username.

public boolean isAccountNonExpired ()

Indicates whether the user's account has expired. An expired account cannot be authenticated.

Returns
  • true if the user's account is valid (i.e. non-expired), false if no longer valid (i.e. expired)

public boolean isAccountNonLocked ()

Indicates whether the user is locked or unlocked. A locked user cannot be authenticated.

Returns
  • true if the user is not locked, false otherwise

public boolean isCredentialsNonExpired ()

Indicates whether the user's credentials (password) have expired. Expired credentials prevent authentication.

Returns
  • true if the user's credentials are valid (i.e. non-expired), false if no longer valid (i.e. expired)

public boolean isEnabled ()

Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated.

Returns
  • true if the user is enabled, false otherwise

public String toString ()