UserControllerImpl.java

package de.botzenhart.testjsf.security.service;

import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.transaction.annotation.Transactional;

import de.botzenhart.testjsf.security.dao.UserDao;
import de.botzenhart.testjsf.security.model.User;

@Transactional
public class UserControllerImpl implements UserController, UserDetailsService {

   UserDao userDao;

   public UserControllerImpl(UserDao userdao) {
      this.userDao = userdao;
      userdao.saveUser(new User(defaultAuthority(), createHash("test"),
            "test", true, true, true, true));
   }

   private String createHash(String password) {
      MessageDigest messageDigest;
      try {
         messageDigest = MessageDigest.getInstance("sha");
         messageDigest.update(password.getBytes(), 0, password.length());
         String hashedPass = new BigInteger(1, messageDigest.digest())
               .toString(16);
         if (hashedPass.length() < 32) {
            hashedPass = "0" + hashedPass;
         }

         return hashedPass;
      } catch (NoSuchAlgorithmException e) {
         // TODO Auto-generated catch block
         e.printStackTrace();
         return "";
      }
   }

   public String createUser(User user) {
      if (user.getUsername() != null) {
         user.setPassword(createHash(user.getPassword()));
         user.fullyEnable();
         user.setAuthorities(defaultAuthority());
         userDao.saveUser(user);
      }
      return "success";
   }

   public User getUser(String username) {
      return userDao.getUser(username);
   }

   private List<GrantedAuthority> defaultAuthority() {
      List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
      authList.add(new GrantedAuthorityImpl("ROLE_USER"));
      authList.add(new GrantedAuthorityImpl("ROLE_ADMINISTRATOR"));
      return authList;// .toArray(new GrantedAuthority[] {});

   }

   public UserDetails loadUserByUsername(String arg0)
         throws UsernameNotFoundException, DataAccessException {
      User temp = getUser(arg0);
      return temp;
   }

}