I.

1. It’s quite common for user data to be stored in a relational database, accessed via JDBC. To configure Spring Security to authenticate against a JDBC-backed user store, you can use the jdbcAuthentication() method. The minimal configuration required is as follows:

Storing user data in the database

    @Autowired
    DataSource dataSource;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Look up users and authorities through the injected DataSource
        auth.jdbcAuthentication().dataSource(dataSource);
    }

The only thing you must configure is a DataSource so that it’s able to access the relational database. The DataSource is provided here via the magic of autowiring.

2. Overriding the default queries

Although this minimal configuration will work, it makes some assumptions about your database schema. It expects that certain tables exist where user data will be kept. More specifically, the following snippet of code from Spring Security’s internals shows the SQL queries that will be performed when looking up user details:

    public static final String DEF_USERS_BY_USERNAME_QUERY =
        "select username,password,enabled " +
        "from users " +
        "where username = ?";
    public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY =
        "select username,authority " +
        "from authorities " +
        "where username = ?";
    public static final String DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY =
        "select g.id, g.group_name, ga.authority " +
        "from groups g, group_members gm, group_authorities ga " +
        "where gm.username = ? " +
        "and g.id = ga.group_id " +
        "and g.id = gm.group_id";

If you’re okay with defining and populating tables in your database that satisfy those queries, then there’s not much else for you to do. But chances are your database doesn’t look anything like this, and you’ll want more control over the queries. In that case, you can configure your own queries like this:

    @Override
    protected void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth
            .jdbcAuthentication()
            .dataSource(dataSource)
            // Same column order as the default: username, password, enabled
            .usersByUsernameQuery(
                "select username, password, true " +
                "from Spitter where username=?")
            // Same column order as the default: username, authority
            .authoritiesByUsernameQuery(
                "select username, 'ROLE_USER' from Spitter where username=?");
    }
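
For comparison with the custom queries, here are tables shaped to satisfy the three default queries quoted earlier. This is an added example, not code from the book or from Spring Security. Column types, constraint names and the sample rows are assumptions and are constructed for illustration.

```sql
-- Tables matching the table and column names in the default queries.
-- Types and constraint names are assumptions; adjust them to your dialect.
create table users (
    username varchar(50)  not null primary key,
    password varchar(500) not null,
    enabled  boolean      not null
);

create table authorities (
    username  varchar(50) not null,
    authority varchar(50) not null,
    constraint fk_authorities_users foreign key (username) references users (username),
    constraint uq_authorities unique (username, authority)
);

-- "groups" is a reserved word in some dialects (MySQL 8, for example); quote it there.
create table groups (
    id         bigint      not null primary key,
    group_name varchar(50) not null
);

create table group_members (
    id       bigint      not null primary key,
    username varchar(50) not null,
    group_id bigint      not null,
    constraint fk_group_members_group foreign key (group_id) references groups (id)
);

create table group_authorities (
    group_id  bigint      not null,
    authority varchar(50) not null,
    constraint fk_group_authorities_group foreign key (group_id) references groups (id)
);

-- Constructed sample rows (the password value is a placeholder)
insert into users values ('alice', '<constructed-password-value>', true);
insert into authorities values ('alice', 'ROLE_USER');
insert into groups values (1, 'editors');
insert into group_members values (1, 'alice', 1);
insert into group_authorities values (1, 'ROLE_EDITOR');

-- The default lookups, with the ? parameter bound to 'alice'
select username, password, enabled from users where username = 'alice';
select username, authority from authorities where username = 'alice';
select g.id, g.group_name, ga.authority
from groups g, group_members gm, group_authorities ga
where gm.username = 'alice' and g.id = ga.group_id and g.id = gm.group_id;
```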

3.
