[英]spring boot security- adding custom role names
我正在關注 spring 啟動 JPA 身份驗證安全教程。 我已經為用戶和管理員設置了身份驗證。
但是在 MySQL 數據庫中,我有自定義角色,例如“校長”、“老師”和“學生”
如何將這些自定義角色添加到我的身份驗證中。
我假設我需要在 UserDetails class 中執行此操作。 到目前為止,這是我的代碼
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
public class UserDetails implements UserDetails {
private String username;
private String password;
private boolean active;
private List<GrantedAuthority> authorities;
public MyUserDetails(User user) {
this.username = user.getUsername();
this.password = user.getPassword();
this.active = user.isActive();
this.authorities = Arrays.stream(user.getTheType().split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return active;
}
}
對於教程/課程,您(嘗試)重命名/重構時可以:
ROLE_
;)但是侵入性最小且非常有效(僅適用於 2 個角色/少數組合)的方法如下:
// adjust to requirements:
static final String REGEX_USERS = "student"; // exact match
static final String REGEX_ADMINS = "(teacher|principal)"; // group OR match
static final String AUTH_ADMINS = "ADMINS";
static final String AUTH_USERS = "USERS";
...接着:
this.authorities = Arrays.stream(
user
.getTheType()
.replaceAll(REGEX_USERS, USERS)
.replaceAll(REGEX_ADMINS, ADMINS)
.split(",")
)
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
獨立測試:
package com.example.demo;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
class TestO {
static final String REGEX_USERS = "student";
static final String REGEX_ADMINS = "(teacher|principal)";
static final String AUTH_ADMINS = "ADMINS";
static final String AUTH_USERS = "USERS";
public static void main(String[] args) {
String testData1 = "student";
String testData2 = "teacher,principal";
List<GrantedAuthority> result1 = Arrays.stream(testData1
.replaceAll(REGEX_USERS, AUTH_USERS)
.replaceAll(REGEX_ADMINS, AUTH_ADMINS)
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
System.out.format("%s%n", result1);
List<GrantedAuthority> result2 = Arrays.stream(testData2
.replaceAll(REGEX_USERS, "USERS")
.replaceAll(REGEX_ADMINS, "ADMINS")
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
System.out.format("%s%n", result2);
}
}
印刷:
[USERS]
[ADMINS, ADMINS]
如果我關於角色映射的假設(:) 是正確的:
student
都是USERS
teacher
都是ADMINS
principal
..還有ADMIN
(還有teacher
?? ...拜托。學校系統差異很大..;;-)principal
是唯一一個在他的(權限)列表中有逗號的人??student
是teacher
??)然后可能(以及在任何“特定授權”的情況下):
private java.util.Set<GrantedAuthority> authorities;
...然后還有:
Collectors.toSet() // + refacotrings
是首選! ( Set 和 List 有什么區別? ;;)
所以:
Set<GrantedAuthority> result2 = Arrays.stream(testData2
.replaceAll(REGEX_USERS, "USERS")
.replaceAll(REGEX_ADMINS, "ADMINS")
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toSet());
System.out.format("%s%n", result2);
印刷:
...
[ADMINS]
另請參閱(注冊有效的字符串替換):
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.