Spring Security Custom Filter (Change Password)

Question

I\'m using Spring Security for securing HTTP requests to a website. The primary usage is for securing pages such that the user is redirected to the login page when trying to

Answer 1

Very useful answer form jyore, it was exactly what I was looking for. In case you are using a custom class implementing UserDetailsService, you can do it as the following along with the above bean definition in your applicationContext.xml. One thing is that based on your CML header you might need to use or instead of or

import ......

@Service("userService")
public class UserDetailsServiceImpl implements UserDetailsService {

private static Logger logger = LoggerFactory
        .getLogger(UserDetailsServiceImpl.class);

@Autowired
private UserDao userDao;

@Override
public UserDetails loadUserByUsername( String username )
    throws UsernameNotFoundException, DataAccessException , CredentialsExpiredException ,BadCredentialsException ,
    LockedException , DisabledException , UsernameNotFoundException
{
    User user = userDao.getUserByUsername( username );
    System.out.println("User Found");

    if( user == null ){
        // System.out.println("User Not Found");
        logger.error( "User Not Found");
        throw new UsernameNotFoundException( username + " is not found." );
    }

    if( user.isEnabled() == false ){
    // System.out.println("User not enabled");
    logger.error( "User not enabled");
       throw new DisabledException( "User not enabled" );
   }

    if( user.isLocked() == true ){
         //System.out.println("User is Locked");
        logger.error( "User is Locked");
          throw new LockedException( "User is Locked" );
      }
    if( user.isPasswordExpired() == true ){
        // System.out.println("Password Expired");
        logger.error( "Password Expired");
         throw new CredentialsExpiredException( "Password Expired" );
     }  

    return user;
  }
}