如何通过spring_id或contact_number在spring security中进行身份验证?

时间:2015-07-21 12:16:29

标签: java spring spring-mvc spring-security

我想使用一个文本字段,通过该字段可以将contact_number或email_id作为用户名传递,并且应该进行身份验证

这是我试过的,但无法验证

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(passwordEncoder())
        .usersByUsernameQuery(
            "select email_id as username,password,enabled from users where (email_id = ? or contact_number = ?)")
            .authoritiesByUsernameQuery(
            "select email_id as username,'USER_ROLE' from users where (email_id = ? or contact_number = ?)");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        .authorizeRequests()
            .antMatchers("/resources/**").permitAll() 
            .antMatchers("/signUp").permitAll()
            .antMatchers("/saveUserCompany").permitAll()
            .anyRequest().authenticated()
            .and()
              .formLogin().loginPage("/login").permitAll().failureUrl("/login?error").permitAll()
              .usernameParameter("username").passwordParameter("password").permitAll();
    }

和我的登录页面jsp 

           <form method="post" th:action="@{/login}" name="f">
             <fieldset>
                <%-- <div th:if="${param.error}" class="alert alert-error">    
                     Invalid username and password.
                 </div>
                 <div th:if="${param.logout}" class="alert alert-success"> 
                     You have been logged out. 
                 </div> --%>
                 <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
                 <div class="margin-top-10  form-group">
                    <input class="form-control input-lg" type="text" id="username" name="username" placeholder="Username" />
                 </div>
                 <div class="margin-top-10 form-group">
                    <input class="form-control input-lg" type="password" id="password" name="password" placeholder="Password"/>
                 </div>   
                 <div class="margin-top-10 form-actions form-group">
                    <button type="submit" class="btn btn-default btn-primary">Login</button>
                    <a class="register-link">Register</a>
                 </div>
                 </fieldset>
            </form>

1 个答案:

答案 0 :(得分:0)

这是你需要的东西:

@Transactional
@Service("userDetailsService")
public class LoginServiceImpl implements UserDetailsService {

    @Autowired
    private PersonDAO personDAO;

    @Autowired
    private Assembler assembler;

    public LoginServiceImpl() {
    }
    @Override
// below you can pass as username also. And the the dao method will be responsible to search phonenumber, emailid, birthdate, blood group, DNA encoding, depending how sophisticated your database search is. 
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
        Person person = personDAO.findPersonByUsername(username.toLowerCase());
        if (person == null) {
            throw new UsernameNotFoundException("Wrong username or password");
        }
        return assembler.buildUserFromUserEntity(person);
    }
}

上面的课程需要帮助类:

@Service("assembler")
public class Assembler {
    @Transactional(readOnly = true)
    User buildUserFromUserEntity(Person userEntity) {
        String username = userEntity.getUsername().toLowerCase();
        String password = userEntity.getPassword();

        boolean enabled = userEntity.isEnabled();
        boolean accountNonExpired = userEntity.isAccountNonExpired();
        boolean credentialsNonExpired = userEntity.isCredentialsNonExpired();
        boolean accountNonLocked = userEntity.isAccountNonLocked();

        Collection<GrantedAuthority> authorities = new ArrayList<>();
// I am manually assigniing role below as we dont have complex role management. 
        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));

        return new User(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
    }
}

如果有任何疑问,请告诉我。

相关问题
最新问题