关于Acegi的User类的几个属性的意义。

今天在Spring Forum的AcegiSecurity版发了个问题：

What's meaning of credentialsNonExpired...?

 

---

 

I don't know some propertise of org.acegisecurity.userdetails.user class, such as credentialsNonExpired. I don't know the difference among enabled, accountNonExpired and accountNonLocked.

以下是Andreas Senft的回复：

"Enabled" just means that you can use the account. This flag can be used adminstratively to disable an account without deleting it.

Account expiry causes you to change your password in determined intervals. If you fail to do so, your account will expire and you cannot use it. The flag indicates if your account has (not) expired.

A locked account is a different thing. If you, for example, enter three times a wrong password, your account might be locked, but it is not expired.
The flag tells you if your account is (not) locked.

Hope that helps,
Andreas