【发布时间】:2012-01-01 15:55:05
【问题描述】:
我在 applicationContext-Security.xml 中为 Spring Security 编写了以下代码:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<global-method-security secured-annotations="enabled">
</global-method-security>
<!-- URL pattern based security -->
<http auto-config="true">
<intercept-url pattern="/common/*" access="ROLE_ADMIN" />
<form-login login-page="/login/login.jsp"/>
<logout logout-success-url="/home/index.jsp"/>
</http>
<authentication-manager>
<authentication-provider>
<!-- <password-encoder hash="md5"/> <user-service> <user name="admin"
password="65dc70650690999922d7dcd99dbd4033" authorities="ROLE_ADMIN"/> </user-service> -->
<jdbc-user-service data-source-ref="dataSource"
authorities-by-username-query="
select admin.userName as username, auth.authority as authority from Administrators admin, Authorities auth
where admin.id=auth.AdministratorId and admin.userName= ?"
users-by-username-query="select userName as username,hashedPassword as password, enabled as enabled
from Administrators where userName= ?" />
</authentication-provider>
</authentication-manager>
</beans:beans>
在那个 xml 文件中,我只能从数据库中检查管理员表的角色。 如何检查其他表(例如内部用户、管理员和外部用户表)以检查角色?我是否需要在新类中编写查询而不是在 xml 中编写。请给我任何想法或建议,因为我刚刚开始这样做。给我任何链接或站点或代码以查看。谢谢
【问题讨论】:
标签: java database spring spring-security