0

我想在我的应用程序中集成 Spring Security。用户信息保存在 Oracle DB 中,其中密码用 md5 编码。我一开始试过这个,但没有用:

 <bean id="customjdbcUserService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
            <property name="dataSource" ref="dataSource" />
            <property name="enableAuthorities" value="true" />
            <property name="usersByUsernameQuery" value="SELECT mail,password,enabled FROM users WHERE mail = ?" />
            <property name="authoritiesByUsernameQuery" value="select mail,authority from user_roles where mail = ?" />
            </bean>
    <bean id="dataSource"
            class="org.springframework.jdbc.datasource.DriverManagerDataSource">
            <property name="url" value="jdbc:oracle:thin:@//localhost:8080/ex" />
            <property name="username" value="user1" />
            <property name="password" value="user1" />
        </bean>
        <bean id="daoAuthenticationProvider"
                class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
            <property name="userDetailsService" ref="customjdbcUserService"/>
        </bean>

        <bean id="authenticationManager"
            class="org.springframework.security.authentication.ProviderManager">
            <property name="providers">
                <list>
                    <ref local="daoAuthenticationProvider" />
                </list>
            </property>
        </bean>
    <sec:authentication-manager>
 <security:authentication-provider user-service-ref="customjdbcUserService" >
      <security:password-encoder hash="md5" />
     </security:authentication-provider> 
        </sec:authentication-manager>

我在网上搜索,发现了很多关于实现UserDetailsServiceor authenticatioProvideror authenticationManageror的信息Filter。现在我很困惑:我应该实施哪一个?

4

1 回答 1

1

实现 UserDetailsS​​ervice 将非常适合验证用户,

Spring 安全 xml 代码

  <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDetailService">

    </authentication-provider>
  </authentication-manager>

实现的服务类,org.springframework.security.core.userdetails.UserDetailsS​​ervice

  @Service("userDetailsService")
  public class UserDetailsServiceImpl implements UserDetailsService {

  public UserDetails loadUserByUsername(String username)
  {

  }
  //methods an your code/logics

  }
于 2013-05-11T18:22:02.923 回答