我会问一个关于弹簧安全的问题!!
是可以配置身份验证 - 提供我自己的表这是我的例子
故事“utilisateur”
CREATE TABLE utilisateur
(
id_user serial NOT NULL,
authority character varying(50) NOT NULL,
username character varying(50) NOT NULL,
"password" character varying(50) NOT NULL,
CONSTRAINT cl_primaire_utilisateur PRIMARY KEY (id_user)
)
我能做些什么来使用我自己的桌子连接弹簧
<authentication-manager>
<authentication-provider user-service-ref='userDetailsService' />
</authentication-manager>
答案 0 :(得分:1)
您可以使用JDBC-based user details service来实现此目的。您可以将其配置为查询用户和权限的任意表。
以下是我之前使用它的一个项目的相关安全上下文部分的示例:
<!-- Configure Authentication mechanism -->
<authentication-manager alias="authenticationManager">
<!-- DAO Based Security -->
<authentication-provider>
<password-encoder hash="md5" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT U.username AS username, U.password as password, 'true' as enabled FROM user U where U.username=?"
authorities-by-username-query="SELECT U.username as username, A.name as authority FROM user U left join user_roles UA on U.id=UA.user left join role A on UA.roles = A.id WHERE U.username=?" />
</authentication-provider>
</authentication-manager>