Spring security 如何为几种类型的用户实现UserDetailsService?
在我的web应用程序中,当我有一种类型的用户(典型用户)时,我会执行以下操作: 1) 实施Spring security 如何为几种类型的用户实现UserDetailsService?,spring-security,userdetailsservice,Spring Security,Userdetailsservice,在我的web应用程序中,当我有一种类型的用户(典型用户)时,我会执行以下操作: 1) 实施UserDetailsService public class UserServiceImpl implements UserService, UserDetailsService { private UserDao userDao; @Override public UserDetails loadUserByUsername(String username) throws Usernam
UserDetailsService
public class UserServiceImpl implements UserService, UserDetailsService {
private UserDao userDao;
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException
{
UserEntity user = userDao.loadUserByEmail(username);
if (user == null) {
throw new UsernameNotFoundException(String.format(
getMessageBundle().getString("badCredentials"), username));
}
Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
User userDetails = new User(user.getEmail(), user.getPassword(),
authorities);
return userDetails;
}}
但是现在我想要另一种类型的用户(管理员)。因此,我需要另一个loadUserByUsername
方法的实现(用户将从中获得ROLE\u ADMIN
)。我可以编写另一个类(
AdminServiceImpl
),但我的security config.xml
将是什么样子?如建议的,切换到数据库存储。假设您正在使用ORM进行数据库管理:
public class Role implements org.springframework.security.core.GrantedAuthority {
// implements what must be implemented
}
public class User implements org.springframework.security.core.userdetails.UserDetails {
// your stuff...
@ManyToMany(fetch = FetchType.EAGER) // shouldn't be a problem here to fetch eagerly
private Collection<Role> roles = new HashSet<Role>();
// add getters and setters
/**
* @see org.springframework.security.core.userdetails.UserDetails#getAuthorities()
*/
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return getRoles();
}
}
public class UserDetailsServiceImpl implements
org.springframework.security.core.userdetails.UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
// Load the user from your database. The ORM will take care of loading his Role collection.
}
}
公共类角色实现org.springframework.security.core.GrantedAuthority{
//实现必须实现的内容
}
公共类用户实现org.springframework.security.core.userdetails.userdetails{
//你的东西。。。
@ManyToMany(fetch=FetchType.EAGER)//在这里急切地获取应该不是问题
私有集合角色=新HashSet();
//添加getter和setter
/**
*@see org.springframework.security.core.userdetails.userdetails#getAuthorities()
*/
@凌驾
公共收集按照建议,切换到数据库存储。假设您正在使用ORM进行数据库管理:
public class Role implements org.springframework.security.core.GrantedAuthority {
// implements what must be implemented
}
public class User implements org.springframework.security.core.userdetails.UserDetails {
// your stuff...
@ManyToMany(fetch = FetchType.EAGER) // shouldn't be a problem here to fetch eagerly
private Collection<Role> roles = new HashSet<Role>();
// add getters and setters
/**
* @see org.springframework.security.core.userdetails.UserDetails#getAuthorities()
*/
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return getRoles();
}
}
public class UserDetailsServiceImpl implements
org.springframework.security.core.userdetails.UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
// Load the user from your database. The ORM will take care of loading his Role collection.
}
}
公共类角色实现org.springframework.security.core.GrantedAuthority{
//实现必须实现的内容
}
公共类用户实现org.springframework.security.core.userdetails.userdetails{
//你的东西。。。
@ManyToMany(fetch=FetchType.EAGER)//在这里急切地获取应该不是问题
私有集合角色=新HashSet();
//添加getter和setter
/**
*@see org.springframework.security.core.userdetails.userdetails#getAuthorities()
*/
@凌驾
公共集合在数据库中存储角色。在数据库中存储角色。