[英]Use Spring Security with JPA
I am new to Spring. 我是Spring的新手。
We are using spring security feature. 我们正在使用弹簧安全功能。 Database connectivity: eclipselink implementation of JPA.
数据库连接:JPA的eclipselink实现。 Database: MySql
数据库:MySql
While using spring security, Configuration of authentication provider is as follows,- 在使用spring security时,身份验证提供程序的配置如下, -
<authentication-provider>
<jdbc-user-service id="userDetailsService" data-source-ref="Datasource" />
</authentication-provider>
But in JPA we do not define datasource, we use Persistence unit with provider jpa.PersistenceProvider.
但是在JPA中我们没有定义数据源,我们使用持久性单元和提供者
jpa.PersistenceProvider.
So how do we configure authentication provider so as to use JPA for database connectivity? 那么我们如何配置身份验证提供程序以便使用JPA进行数据库连接?
What exactly should data-source-ref field contain to use database for authentication? data-source-ref字段究竟应该包含什么才能使用数据库进行身份验证?
Thank you in advance. 先感谢您。
Basically you probably need to implement UserDetailsService
yourself . 基本上你可能需要自己实现
UserDetailsService
。
So you would for example have a User
entity, and your UserDetailsService
implementation would look up the user and convert it to a UserDetails
object (or your entity would have to implement UserDetails
). 因此,您将拥有一个
User
实体,并且您的UserDetailsService
实现将查找用户并将其转换为UserDetails
对象(或者您的实体必须实现UserDetails
)。
Sample implementation: 示例实施:
public class MyUserDetailsService implements UserDetailsService{
private EntityManager entityManager;
@PersistenceContext
public void setEntityManager(EntityManager newEm){
this.entityManager = newEm;
}
public UserDetails loadUserByUsername(String username){
// assuming that you have a User class that implements UserDetails
return entityManager.createQuery("from User where username = :username", User.class)
.setParameter("username", username)
.getSingleResult();
}
}
And you add this to user spring-security.xml
然后将其添加到用户
spring-security.xml
<authentication-manager>
<authentication-provider user-service-ref="MyUserDetailsService" />
</authentication-manager>
An easier way for authentication in your case is to get one of your service layer classes implement org.springframework.security.core.userdetails.UserDetailsService
interface. 在您的情况下,更简单的身份验证方法是让您的一个服务层类实现
org.springframework.security.core.userdetails.UserDetailsService
接口。 This interface contain only one method UserDetails loadUserByUsername(String username)
. 此接口仅包含一个方法
UserDetails loadUserByUsername(String username)
。 You have to make sure that you return a UserDetails
instance for a given username. 您必须确保为给定的用户名返回
UserDetails
实例。
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
// load and return user using your regular JPA techniques here
...
}
Once you have implemented this method in your service class, you will simply need to add its reference your spring configuration file: 在服务类中实现此方法后,您只需要将其引用添加到spring配置文件中:
<authentication-manager>
<authentication-provider user-service-ref="myServiceLayerClassInstance">
</authentication-provider>
</authentication-manager>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.