MySQL query in spring-security.xml for authorization
Question
Q1. > How do I check whether the following two queries is executed or not in spring-security.xml ?
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query=
"select user_login_name as username,user_password as password,user_type_id,role_id from sox_audit.sox_users where user_login_name=? and user_password=?"
authorities-by-username-query=
"select user_login_name as username,role_id as authority from sox_audit.sox_users where user_login_name ='sriram@gmail.com' and user_password='12345' "/>
I can able to login with hardcoded values and give authorities as per the user type. But I cannot By selecting the records from DB.
Can anyone help me out in this.
2 answers
solution1
1 2015-05-12 08:44:49
Enable logs for JdbcDaoImpl which implements UserDetailsService . something like:
log4j.logger.org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl=DEBUG
If that doesn't work, add some breakpoints on this class and debug it on runtime.
solution2
0 2015-05-12 12:27:58
I solved it. Thing is query is wrong. users-by-username-query will take only 3 parameters. It should be username, password and enabled from database. Also, authorities-by-username-query will take 2 parameters.
users-by-username-query=
"select user_login_name as username,user_password as password,enabled from sox_audit.sox_users where user_login_name=?"
authorities-by-username-query=
"select user_login_name as username,authority from sox_audit.sox_users where user_login_name =?"/>
Then control the users in HomeController. This will work perfectly.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.