Spring安全性:自定义UserDetails和GrandtedAuthority实现
我已经配置了以下身份验证管理器和内存中用户服务Spring安全性:自定义UserDetails和GrandtedAuthority实现,spring,authentication,spring-security,Spring,Authentication,Spring Security,我已经配置了以下身份验证管理器和内存中用户服务 <security:authentication-manager alias="authenticationManager"> <security:authentication-provider> <security:password-encoder ref="bcrypt" /> <security:user-service id="userService">
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:password-encoder ref="bcrypt" />
<security:user-service id="userService">
<!-- 1234 -->
<security:user name="1" password="$2a$04$68Oq1PRWyHktgJ2E4Zs9reakETagh81UGEe/QF4V1FJo9kfVBvNHq" authorities="ROLE_1" />
<security:user name="2" password="$2a$04$68Oq1PRWyHktgJ2E4Zs9reakETagh81UGEe/QF4V1FJo9kfVBvNHq" authorities="ROLE_2" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
如何为Spring提供自定义的
UserDetails
和grandedauthority
实现,以便在身份验证机制期间填充身份验证
对象。您创建了一个实现UserDetailsService
的bean,并将其连接到身份验证提供程序:
<bean id="myUserDetailsService" class="org.example.MyUserDetailsService"/>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="myUserDetailsService">
<!-- ... -->
</security:authentication-provider>
</security:authentication-manager>
在UserDetailsService
的实现中,您重写了loadUserByUsername()
方法
如果不想创建自定义用户类,org.springframework.security.core.userdetails
包含一个基本的user
类。您会注意到,构造函数有一个传递GrantedAuthority
集合的选项。基本实现是org.springframework.security.core.authority.SimpleGrantedAuthority