+ /**
+ * Convenience constructor
+ *
+ * @param session
+ * the security session
+ * @param username
+ * the username
+ * @param password
+ * the password, can be null
+ * @param authorities
+ * the granted authorities
+ */
+ public JcrUserDetails(Session session, String username, String password,
+ GrantedAuthority[] authorities) throws RepositoryException {
+ this(UserJcrUtils.getUserProfile(session, username),
+ password != null ? password : "", authorities);
+ }
+
+ /**
+ * Check the account status in JCR, throwing the exceptions expected by
+ * Spring security if needed.
+ */
+ public static void checkAccountStatus(Node userProfile) {
+ try {
+ if (!userProfile.getProperty(ARGEO_ENABLED).getBoolean())
+ throw new DisabledException(userProfile.getPath()
+ + " is disabled");
+ if (!userProfile.getProperty(ARGEO_ACCOUNT_NON_LOCKED).getBoolean())
+ throw new LockedException(userProfile.getPath() + " is locked");
+ } catch (RepositoryException e) {
+ throw new BadCredentialsException("Cannot check account status", e);
+ }
+ }
+
+ /** Clone immutable with new roles */