使用mysql数据库对Spring安全性中的用户进行身份验证?
[英]Using mysql database to authenticate users in Spring security?
问题描述
I want to use Spring security to authenticate users in my web application.. Since am not a matured user to Spring framework ,i can't get a clear idea about how we can do the configuration settings to use jdbc-user-service .. i had done the following configurations.but its not working 
我想使用Spring安全性来验证我的Web应用程序中的用户。由于我不是Spring框架的成熟用户,我无法清楚地了解如何使用jdbc-user-service进行配置设置。我做了以下配置。但它不起作用
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="myDataSource"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="myDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
<beans:property name="url" value="jdbc:mysql://localhost:3306/testDB"/>
<beans:property name="username" value="admin"/>
<beans:property name="password" value="admin"/>
</beans:bean>
..can anyone please help me to solve the issue with a sample config file. ..可以请任何人帮我解决一个示例配置文件的问题。 Thanks in advance. 提前致谢。
3 个解决方案
解决方案1
6 2011-08-24 07:56:47
You usually do it with a custom UserDetailsService . 您通常使用自定义UserDetailsService来执行此操作。 The UserDetailsService is a DAO used to load data about a user when they attempt login. UserDetailsService是一个DAO,用于在用户尝试登录时加载有关用户的数据。 Have a look at the loadUserByUsername(String username) method and the UserDetails class in spring. 在spring中查看loadUserByUsername(String username)方法和UserDetails类。
Yo need to define it in your context: 你需要在你的上下文中定义它:
<bean id="myDetailsService"
class="com.company.service.impl.MyDetailsService" />
To use it you can add this to your security config: 要使用它,您可以将其添加到您的安全配置:
<authentication-manager>
<authentication-provider user-service-ref="myDetailsService" />
</authentication-manager>
and all you security filters will use it. 并且所有安全过滤器都将使用它。
You can ask a more specific question if you need help implementing it, but you won't have trouble IMO. 如果您需要实施帮助,可以提出更具体的问题,但您不会遇到IMO问题。
解决方案2
6 2011-08-24 10:45:14
another way to do this is to create tables using the standard spring security database schema ( http://static.springsource.org/spring-security/site/docs/3.0.x/reference/appendix-schema.html ). 另一种方法是使用标准的spring安全数据库模式( http://static.springsource.org/spring-security/site/docs/3.0.x/reference/appendix-schema.html )创建表。 Then you can simply use spring's jdbc-userservice: 然后你可以简单地使用spring的jdbc-userservice:
<security:authentication-provider >
<security:jdbc-user-service data-source-ref="dataSource" />
<security:password-encoder hash="sha" />
</security:authentication-provider>
Or if you want to use your own schema you can override the queries like this: 或者,如果您想使用自己的架构,可以覆盖以下查询:
<security:authentication-provider>
<securiy:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select username, password from users where username=?"
authorities-by-username-query="select username, roleName from role..."
role-prefix="ROLE_"
/>
</security:authentication-provider>
解决方案3
1 2012-06-08 13:42:57
Add these lines to your <authentication-provider> tag: 将这些行添加到<authentication-provider>标记:
<authentication-provider>
<password-encoder hash="sha-256" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="
SELECT username, password, enabled
FROM user WHERE username = ?"
authorities-by-username-query="
SELECT u.username, r.role_name
FROM user u, user_role r, assigned_role a
WHERE u.id = a.username
AND r.id = a.role_id
AND u.username = ?"
/>
</authentication-provider>
Of course you'll have to tweak the queries to match your table names. 当然,您必须调整查询以匹配您的表名。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.