自定义 Spring Security 4 的UserDetailsService和UserDetails
来源:互联网 发布:sql where like 多字段 编辑:程序博客网 时间:2024/05/16 09:06
首先在Spring的配置文件中加入自定义UserDetailsService的配置,假如类的全名为com.cpwl.security.CpwlUserDetailsService并且加入了一个加密器:
<bean id="myUserDetailsService" class="com.cpwl.security.CpwlUserDetailsService"></bean><bean id="bcryptEncoder"class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean><sec:authentication-manager><sec:authentication-provideruser-service-ref="myUserDetailsService"><sec:password-encoder ref="bcryptEncoder" /></sec:authentication-provider></sec:authentication-manager>
然后定义UserDetails的实现,这里名叫User:
package com.cpwl.security;import java.util.Collection;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;public class User implements UserDetails{private Long id;private String username;private String password;private boolean enabled;private Collection<? extends GrantedAuthority> authorities;public User(Long id, String username, String password, boolean enabled) {super();this.id = id;this.username = username;this.password = password;this.enabled = enabled;}public User(Long id, String username, String password, boolean enabled,Collection<? extends GrantedAuthority> authorities) {super();this.id = id;this.username = username;this.password = password;this.enabled = enabled;this.authorities = authorities;}public Long getId(){return this.id;}@Overridepublic Collection<? extends GrantedAuthority> getAuthorities() {return authorities;}@Overridepublic String getPassword() {return password;}@Overridepublic String getUsername() {return username;}@Overridepublic boolean isAccountNonExpired() {return true;}@Overridepublic boolean isAccountNonLocked() {return true;}@Overridepublic boolean isCredentialsNonExpired() {return true;}@Overridepublic boolean isEnabled() {return enabled;}@Overridepublic String toString() {return "MyUserDetails [id=" + id + ", username=" + username+ ", password=" + password + ", enabled=" + enabled+ ", authorities=" + authorities + "]";}}
最后定义我们的UserDetailsService:
package com.cpwl.security;import java.sql.ResultSet;import java.sql.SQLException;import java.util.List;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.dao.EmptyResultDataAccessException;import org.springframework.jdbc.core.JdbcTemplate;import org.springframework.jdbc.core.RowMapper;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.SimpleGrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;public class CpwlUserDetailsService implements UserDetailsService {@AutowiredJdbcTemplate jdbcTemplate;private final String sqlLoadUser;private final String sqlLoadAuthorities;private final RowMapper<User> myUserDetailsRowMapper;private final RowMapper<GrantedAuthority> authorityRowMapper;private static Logger logger = LoggerFactory.getLogger(CpwlUserDetailsService.class);public CpwlUserDetailsService() {super();sqlLoadUser = "SELECT id,username,password,enabled FROM user WHERE username=? OR phoneNumber=? OR email=?";sqlLoadAuthorities = "SELECT authority FROM view_role WHERE username=?";myUserDetailsRowMapper = new RowMapper<User>() {@Overridepublic User mapRow(ResultSet rs, int rowNum) throws SQLException {return new User(rs.getLong(1), rs.getString(2),rs.getString(3), rs.getBoolean(4));}};authorityRowMapper = new RowMapper<GrantedAuthority>() {@Overridepublic GrantedAuthority mapRow(ResultSet rs, int rowNum)throws SQLException {return new SimpleGrantedAuthority(rs.getString(1));}};}@Overridepublic UserDetails loadUserByUsername(String username)throws UsernameNotFoundException {try {User userFromQuery = jdbcTemplate.queryForObject(sqlLoadUser,myUserDetailsRowMapper, username, username, username);logger.debug("查询得到用户:{}", userFromQuery);List<GrantedAuthority> authorities = jdbcTemplate.query(sqlLoadAuthorities, authorityRowMapper, username);logger.debug("得到其权限:{}", authorities);return new User(userFromQuery.getId(), userFromQuery.getUsername(),userFromQuery.getPassword(), userFromQuery.isEnabled(),authorities);} catch (EmptyResultDataAccessException e) {logger.debug("查询结果集为空:{}", username);throw new UsernameNotFoundException("用户名或密码不正确");}}}
0 0
- 自定义 Spring Security 4 的UserDetailsService和UserDetails
- Spring security +Hibernate+UserDetailsService认证
- 7. Spring Security缓存UserDetails
- Spring Security 取Session中的值和修改userDetails
- Spring Security 取Session中的值和修改userDetails(转)
- Spring Security 取Session中的值和修改userDetails(转)
- Spring Security 取Session中的值和修改userDetails
- Spring Security身份认证之UserDetailsService
- Spring Security(07)——缓存UserDetails
- Spring Security(07)——缓存UserDetails
- Spring Security(07)——缓存UserDetails
- Spring Security(07)——缓存UserDetails
- Spring Security(07)——缓存UserDetails
- Spring Security(07)——缓存UserDetails
- spring security自定义登陆和动态
- acegi security实践教程—定制userDetailsService
- spring security 自定义验证
- 自定义Spring Security过滤器
- hdu5304
- Eclipse注解模板设置
- Halcon学习笔记_01:Threshold
- java.lang.UnsatisfiedLinkError:Could not load bd_wsp_v1_0 loader dalvik.system
- android自定义控件(一) 官方文档的翻译
- 自定义 Spring Security 4 的UserDetailsService和UserDetails
- HNUC-2330 Casino-算法Manacher最长回文子串
- Min Stack
- ios DDlog日志
- hdu2041 超级楼梯
- WebSocket
- NSURL
- leetcode 68: Text Justification
- error C3861: “rand”: 找不到标识符