我的http-digest的Spring-Security实现: 代码:
<bean id="digestFilter" class="org.springframework.security.web.authentication.www.DigestAuthenticationFilter">
<property name="userDetailsService" ref="userService"/>
<property name="authenticationEntryPoint" ref="digestEntryPoint"/>
</bean>
========================================================================
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="inMemoryAuthenticationProvider"/>
</security:authentication-manager>
========================================================================
<bean id="inMemoryAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="hideUserNotFoundExceptions" value="false"/>
<property name="userDetailsService" ref="inMemoryUserService"/>
<property name="messageSource" ref="messageSource"/>
</bean>
========================================================================
<security:user-service id="inMemoryUserService">
<security:user name="user" password="user" authorities="ROLE_USER"/>
<security:user name="admin" password="admin" authorities="ROLE_ADMIN"/>
<security:user name="invitado" password="invitado" authorities="ROLE_INVITADO"/>
</security:user-service>
我正在尝试自定义它以从数据库中获取用户数据。我试图从Interface类UserDetailsService访问。 代码:
public class CustomUserDetailsService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String arg0)
throws UsernameNotFoundException {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
return new User(
"pepe",
"psw",
true,
true,
true,
true,
authorities);
}
}
这不起作用,因为实现安全性时的标签:user-service,没有类属性。
任何想法?,如何访问用户数据库?
答案 0 :(得分:1)
<user-service>标记用于在spring配置文件中显式定义用户。它不允许指定您自己的UserDetailsService实现。
要使用CustomUserDetailsService,您只需删除<user-service>代码,然后将其替换为您的自定义UserDetailsService:
<bean id="inMemoryUserService" class="you.package.CustomUserDetailsService"/>
然后你应该能够使用pepe登录:psw。