我想在我的应用程序中集成spring security。 用户信息保存在Oracle DB中,密码用md5编码。 我一开始尝试了这个但是没有用:
<bean id="customjdbcUserService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="enableAuthorities" value="true" />
<property name="usersByUsernameQuery" value="SELECT mail,password,enabled FROM users WHERE mail = ?" />
<property name="authoritiesByUsernameQuery" value="select mail,authority from user_roles where mail = ?" />
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="url" value="jdbc:oracle:thin:@//localhost:8080/ex" />
<property name="username" value="user1" />
<property name="password" value="user1" />
</bean>
<bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="customjdbcUserService"/>
</bean>
<bean id="authenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider" />
</list>
</property>
</bean>
<sec:authentication-manager>
<security:authentication-provider user-service-ref="customjdbcUserService" >
<security:password-encoder hash="md5" />
</security:authentication-provider>
</sec:authentication-manager>
我在网上搜索了很多关于实施UserDetailsService或authenticatioProvider或authenticationManager或Filter的内容。现在我只是困惑:我应该实施哪一个?
答案 0 :(得分:1)
实施UserDetailsService非常适合验证用户,
Spring Security xml代码
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailService">
</authentication-provider>
</authentication-manager>
实现的服务类,org.springframework.security.core.userdetails.UserDetailsService
@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {
public UserDetails loadUserByUsername(String username)
{
}
//methods an your code/logics
}