1

我的 http-digest 的 Spring-Security 实现: 代码:

<bean id="digestFilter" class="org.springframework.security.web.authentication.www.DigestAuthenticationFilter">
      <property name="userDetailsService" ref="userService"/>
      <property name="authenticationEntryPoint" ref="digestEntryPoint"/>
    </bean>

========================================================================

<security:authentication-manager alias="authenticationManager">
      <security:authentication-provider ref="inMemoryAuthenticationProvider"/>
   </security:authentication-manager>

========================================================================


<bean id="inMemoryAuthenticationProvider"
         class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
      <property name="hideUserNotFoundExceptions" value="false"/>
     <property name="userDetailsService" ref="inMemoryUserService"/> 
      <property name="messageSource" ref="messageSource"/>
   </bean>

========================================================================


<security:user-service id="inMemoryUserService">
        <security:user name="user" password="user" authorities="ROLE_USER"/>                
        <security:user name="admin" password="admin" authorities="ROLE_ADMIN"/>
        <security:user name="invitado" password="invitado" authorities="ROLE_INVITADO"/>
    </security:user-service>

我正在尝试对其进行自定义以从数据库中获取用户数据。我试图从接口类 UserDetailsS​​ervice 访问。代码:

public class CustomUserDetailsService implements UserDetailsService {

    @Override
    public UserDetails loadUserByUsername(String arg0)
            throws UsernameNotFoundException {

        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));

        return new User(
                "pepe", 
                "psw",
                true,
                true,
                true,
                true,
                authorities);
    }

}

这不起作用,因为实现安全时的标签:用户服务,没有类属性。

任何想法?,如何访问用户数据库?

4

1 回答 1

1

<user-service>标签用于在 spring 配置文件中显式定义用户。它不允许指定您自己的UserDetailsService实现。

要使用您的CustomUserDetailsService,您所要做的就是删除<user-service>标签并用您的自定义替换它,UserDetailsService如下所示:

<bean id="inMemoryUserService" class="you.package.CustomUserDetailsService"/>

然后您应该可以使用 pepe:psw 登录。

于 2013-06-12T14:44:19.253 回答