Spring安全案例敏感

时间:2013-01-18 17:13:53

标签: java spring spring-security

我的MySql数据库区分大小写,一切正常,在hibernate中,数据库中的表名与我的类相同。但是在Spring Security上,默认身份验证不能正常工作,使用小写而不是大写的表名的第一个字母构建SQL。有没有办法让Spring安全性像hibernate一样理解大写呢?或者我是否只需要构建自定义身份验证以将表名更改为大写字母?

<!-- Session Factory Hibernate -->
<bean id="sessionFactory"
    class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">

    <property name="packagesToScan" value="br.com.empresa.domain" />
    <property name="dataSource">
        <ref local="mySQLdataSource" />
    </property>
    <property name="hibernateProperties">
        <props>
            <prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
            <prop key="hibernate.hbm2ddl.auto">create-drop</prop>
            <!-- Novos geradores de ids recomendados pela documentação do hibernate -->
            <prop key="hibernate.id.new_generator_mappings">false</prop> 
            <prop key="hibernate.show_sql">true</prop>
        </props>
    </property>

</bean>

<!-- Conexão com o Banco de Dados -->
<bean id="mySQLdataSource"
    class="org.springframework.jdbc.datasource.DriverManagerDataSource">

    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/db" />    --> 
    <property name="username" value="root" />
    <property name="password" value="asd123456" />

</bean>

<!-- It is responsible for validating the user's credentials -->
<security:authentication-manager>

    <!-- It is responsible for providing credential validation to the AuthenticationManager -->
    <security:authentication-provider>
        <security:password-encoder ref="passwordEncoder" />
        <security:jdbc-user-service
            data-source-ref="mySQLdataSource" />
    </security:authentication-provider>

</security:authentication-manager>

<bean
    class="org.springframework.security.crypto.password.StandardPasswordEncoder"
    id="passwordEncoder" />

1 个答案:

答案 0 :(得分:2)

我认为您使用 JdbcDaoImpl (通过 jdbc-user-service 元素)。如果是,那么您可以为默认查询提供自己的SQL。

<jdbc-user-service 
    users-by-username-query="select username, password, enabled from Users where username = ?" 
    authorities-by-username-query="select username, authority from Authorities where username = ?" 
/>
相关问题
最新问题