一、

1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To configure Spring Security to authenticate against a JDBC -backed user store,you can use the jdbcAuthentication() method. The minimal configuration required is as follows:

   在数据库保存用户数据

   @Autowired

   DataSource dataSource;

   @Override

     protected void configure(AuthenticationManagerBuilder auth) throws Exception {

         auth.jdbcAuthentication().dataSource(dataSource);

     }

The only thing you must configure is a DataSource so that it’s able to access the relational database. The DataSource is provided here via the magic of autowiring.

2.重写默认的查询语句

Although this minimal configuration will work, it makes some assumptions about your database schema. It expects that certain tables exist where user data will be kept. More specifically, the following snippet of code from Spring Security’s internals shows the SQL queries that will be performed when looking up user details:

 public static final String DEF_USERS_BY_USERNAME_QUERY =

     "select username,password,enabled " +

     "from users " +

     "where username = ?";

 public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY =

     "select username,authority " +

     "from authorities " +

     "where username = ?";

 public static final String DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY =

     "select g.id, g.group_name, ga.authority " +

     "from groups g, group_members gm, group_authorities ga " +

     "where gm.username = ? " +

     "and g.id = ga.group_id " +

     "and g.id = gm.group_id";

If you’re okay with defining and populating tables in your database that satisfy those queries, then there’s not much else for you to do. But chances are your database doesn’t look anything like this, and you’ll want more control over the queries. In that case, you can configure your own queries like this:

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .jdbcAuthentication()

         .dataSource(dataSource)

         .usersByUsernameQuery(

             "select username, password, true " +

             "from Spitter where username=?")

         .authoritiesByUsernameQuery(

             "select username, 'ROLE_USER' from Spitter where username=?");

 }

3.

SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. java新手笔记28 文件

    1.目录.文件 package com.yfs.javase; import java.io.File; public class FileDemo1 { /** * File 目录 文件 */ pu ...

  2. Zookeeper-集群环境搭建

    一般为单数台机器,操作系统为linux. zookeeper为java编写,所以必须有java的运行环境. 下载地址:http://mirrors.hust.edu.cn/apache/zookeep ...

  3. [EAP]将hostapd作为radius服务器搭建EAP认证环境

    文章主要由以下几部分组成: 0.概念理解: WPA/WPA2,EAP,IEEE, 802.11i, WiFi联盟, 802.1x 1.编译hostapd 2.配置hostapd的conf文件 3.外接 ...

  4. Docker容器里时间与宿主机不同步

    docker容器里时间设置: 第一种: Dockerfile文件中添加一行:RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime或者 第二种: ...

  5. [转]PHP5.5安装PHPRedis扩展

    phpredis是个人觉得最好的一个php-redis客户端,因为其提供的function与redis的命令基本一致,降低的了学习成本,同时功能也很全面. 一.linux安装方法 phpredis下载 ...

  6. 浅谈Javascript闭包

    垃圾回收器 我个人把闭包抽象的称之为”阻止垃圾回收器的函数”或者”有权访问另一个函数内部变量的函数"(当然这个是我个人的理解方式,每个人可能会有不同的理解方式),为什么这样说?这样说还得说说 ...

  7. AngularJS(9)-表单

    AngularJS 表单是输入控件的集合 <!DOCTYPE html> <html lang="en"> <head> <meta ch ...

  8. Building microservices with Spring Cloud and Netflix OSS, part 2

    In Part 1 we used core components in Spring Cloud and Netflix OSS, i.e. Eureka, Ribbon and Zuul, to ...

  9. linux计划任务运行php文件的方法分享

    在linux下,借助crontab,设置计划任务每天6点10分执行filename.php文件,写入一行时间到log日志中. 创建计划任务的脚本: dos2unix /path/to/filename ...

  10. 去掉iphone手机滑动默认行为

    /*去掉iphone手机滑动默认行为*/ $('body').on('touchmove', function (event) { event.preventDefault(); });