Using mysql database to authenticate users in Spri

2019-06-20 04:17发布

站内问答 / MySQL
2006 3 5

I want to use Spring security to authenticate users in my web application.. Since am not a matured user to Spring framework ,i can't get a clear idea about how we can do the configuration settings to use jdbc-user-service .. i had done the following configurations.but its not working

<authentication-manager>
    <authentication-provider>
         <jdbc-user-service data-source-ref="myDataSource"/>
    </authentication-provider>        
</authentication-manager>
<beans:bean id="myDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
    <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
    <beans:property name="url" value="jdbc:mysql://localhost:3306/testDB"/>
    <beans:property name="username" value="admin"/>
    <beans:property name="password" value="admin"/>
</beans:bean>

..can anyone please help me to solve the issue with a sample config file. Thanks in advance.

3条回答
【Aperson】
2楼-- · 2019-06-20 04:47

You usually do it with a custom UserDetailsService. The UserDetailsService is a DAO used to load data about a user when they attempt login. Have a look at the loadUserByUsername(String username) method and the UserDetails class in spring.

Yo need to define it in your context:

<bean id="myDetailsService"
    class="com.company.service.impl.MyDetailsService" />

To use it you can add this to your security config:

<authentication-manager>
    <authentication-provider user-service-ref="myDetailsService" />
</authentication-manager>

and all you security filters will use it.

You can ask a more specific question if you need help implementing it, but you won't have trouble IMO.

查看更多
0人赞 添加讨论(0) 举报
唯我独甜
3楼-- · 2019-06-20 04:54

another way to do this is to create tables using the standard spring security database schema (http://static.springsource.org/spring-security/site/docs/3.0.x/reference/appendix-schema.html). Then you can simply use spring's jdbc-userservice:

<security:authentication-provider >
    <security:jdbc-user-service data-source-ref="dataSource" /> 
    <security:password-encoder hash="sha" />
</security:authentication-provider>

Or if you want to use your own schema you can override the queries like this:

<security:authentication-provider>
    <securiy:jdbc-user-service 
      data-source-ref="dataSource"
      users-by-username-query="select username, password from users where username=?"
      authorities-by-username-query="select username, roleName from role..."
      role-prefix="ROLE_"
    />
 </security:authentication-provider>
查看更多
0人赞 添加讨论(0) 举报
贪生不怕死
4楼-- · 2019-06-20 04:56

Add these lines to your <authentication-provider> tag:

<authentication-provider>
    <password-encoder hash="sha-256" />
    <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="
                SELECT username, password, enabled
                FROM user WHERE username = ?"

            authorities-by-username-query="
                SELECT u.username, r.role_name
                FROM user u, user_role r, assigned_role a
                WHERE u.id = a.username
                AND r.id = a.role_id
                AND u.username = ?"
        />
</authentication-provider>

Of course you'll have to tweak the queries to match your table names.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)