+ this.securityWorkspace = securityWorkspace;
+ }
+
+ public JcrUserDetails(Node userProfile, String password,
+ GrantedAuthority[] authorities) throws RepositoryException {
+ super(
+ userProfile.getProperty(ARGEO_USER_ID).getString(),
+ password,
+ userProfile.getProperty(ARGEO_ENABLED).getBoolean(),
+ userProfile.getProperty(ARGEO_ACCOUNT_NON_EXPIRED).getBoolean(),
+ userProfile.getProperty(ARGEO_CREDENTIALS_NON_EXPIRED)
+ .getBoolean(), userProfile.getProperty(
+ ARGEO_ACCOUNT_NON_LOCKED).getBoolean(), authorities);
+ // human readable name
+ if (userProfile.hasProperty(Property.JCR_TITLE)) {
+ displayName = userProfile.getProperty(Property.JCR_TITLE)
+ .getString();
+ if (displayName.trim().equals(""))
+ displayName = null;
+ }
+ if (displayName == null)
+ displayName = userProfile.getProperty(ARGEO_USER_ID).getString();
+ // home is defined as the parent of the profile
+ homePath = userProfile.getParent().getPath();
+ securityWorkspace = userProfile.getSession().getWorkspace().getName();
+ }
+
+ /**
+ * Convenience constructor
+ *
+ * @param session
+ * the security session
+ * @param username
+ * the username
+ * @param password
+ * the password, can be null
+ * @param authorities
+ * the granted authorities
+ */
+ public JcrUserDetails(Session session, String username, String password,
+ GrantedAuthority[] authorities) throws RepositoryException {
+ this(UserJcrUtils.getUserProfile(session, username),
+ password != null ? password : "", authorities);
+ }
+
+ /**
+ * Check the account status in JCR, throwing the exceptions expected by
+ * Spring security if needed.
+ */
+ public static void checkAccountStatus(Node userProfile) {
+ try {
+ if (!userProfile.getProperty(ARGEO_ENABLED).getBoolean())
+ throw new DisabledException(userProfile.getPath()
+ + " is disabled");
+ if (!userProfile.getProperty(ARGEO_ACCOUNT_NON_LOCKED).getBoolean())
+ throw new LockedException(userProfile.getPath() + " is locked");
+ } catch (RepositoryException e) {
+ throw new BadCredentialsException("Cannot check account status", e);
+ }