个人中心
gpt4 book ai didi

mysql - Spring Security + Hibernate 认证

转载 作者:行者123 更新时间:2023-11-29 02:26:07 25 4
gpt4 key购买 nike

我有JSF 2.2 , Primefaces 3.5 , Spring , Spring Security 3.x , Hibernate 4 , MySQL网络应用程序。

我启用了Spring Security按预期工作,但我使用了 <user-service/>我在其中创建了两个具有不同角色的用户(“ROLE_USER”、“ROLE_ADMIN”)。现在我想搜索数据库中的每个用户,而不是在 <user-service/> 中手动创建它们.

应用程序上下文.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">


    <!--            GLOABL SETTINGS             -->


    <context:component-scan base-package="com.infostroy.adminportal"/>
    <tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true"/>


    <!--        DATA SOURCE AND PERSISTENCE SETTINGS       -->


    <bean id="propertiesPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="locations">
            <list>
                <value>classpath:db.properties</value>
            </list>
        </property>
    </bean>

    <bean id="sessionFactory" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
        <property name="dataSource" ref="dmDataSource"/>
        <property name="packagesToScan" value="com.infostroy.adminportal"/>
        <property name="hibernateProperties">
            <props>
                <prop key="hibernate.dialect">${db.dialect}</prop>
                <prop key="hibernate.show_sql">${db.show_sql}</prop>
                <prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl_auto}</prop>
                <prop key="connection.pool_size">${db.pool_size}</prop>
                <prop key="current_session_context_class">${db.current_session_context_class}</prop>
                <prop key="org.hibernate.FlushMode">${db.flush_mode}</prop>
            </props>
        </property>
    </bean>


    <bean id="transactionManager"
          class="org.springframework.orm.hibernate4.HibernateTransactionManager">
        <property name="dataSource" ref="dmDataSource" />
        <property name="sessionFactory" ref="sessionFactory" />
    </bean>


    <bean id="dmDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
        <property name="driverClassName" value="${db.driver}" />
        <property name="url" value="${db.url}" />
        <property name="username" value="${db.username}" />
        <property name="password" value="${db.password}" />
        <property name="maxWait" value="5000" />
        <property name="initialSize" value="2" />
        <property name="maxActive" value="100"/>
        <property name="maxIdle" value="50"/>
        <property name="minIdle" value="0"/>
    </bean>

</beans>

spring-security.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xsi:schemaLocation="
http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.1.xsd">



    <http auto-config="false" use-expressions="true">
        <intercept-url pattern="/protected/*" access="isAuthenticated()"/>
        <form-login login-page="/login.xhtml" login-processing-url="/j_spring_security_check"
                        default-target-url="/protected/home.xhtml"
                        authentication-failure-url="/loginFailed.xhtml"/>
    </http>




    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="c" password="c" authorities="ROLE_ADMIN" />
                <user name="q" password="q" authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>


</beans:beans>

这是创建用户表的脚本:

CREATE TABLE users (
user_id INT AUTO_INCREMENT,
first_name VARCHAR(20),
last_name VARCHAR(20),
login VARCHAR(20) NOT NULL UNIQUE,
password VARCHAR(32) NOT NULL,
role VARCHAR(20) NOT NULL,
PRIMARY KEY(user_id)
) ENGINE=InnoDB;

有人知道怎么实现吗?每个答案都受到高度赞赏并迅速做出回应!

谢谢。

最佳答案

只需将身份验证管理器更改为:

        <authentication-manager>
           <authentication-provider>
            <jdbc-user-service data-source-ref="dmDataSource"

               users-by-username-query="
                  select login as username,password, 1 as enabled 
                  from users where login=?" 

               authorities-by-username-query="
                  select login as username, role as authority from users 
                  where login =?  " 

            />
           </authentication-provider>
        </authentication-manager>

我假设登录字段是用户名。我对启用标志进行了硬编码,这是必需的。如果您以后添加 deleteflag 或 enabled 标志,您可以替换它。

关于mysql - Spring Security + Hibernate 认证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21514838/

25 4 0
文章推荐: java - 如何使用 Volley 发送文件格式
文章推荐: ios - 如何在数组中创建一个数组,然后检查它是否包含字符串。 ( swift )
文章推荐: android - Workmanager 在待机和休眠模式下不工作
文章推荐: ios - 在 Background Swift 中循环并将 json 数据附加到 UIImage[]
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com