【问题标题】:how to check multiple tables in spring security for authentication如何在spring security中检查多个表以进行身份​​验证
【发布时间】:2012-01-01 15:55:05
【问题描述】:

我在 applicationContext-Security.xml 中为 Spring Security 编写了以下代码:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<global-method-security secured-annotations="enabled">
</global-method-security>

<!-- URL pattern based security -->


<http auto-config="true">
    <intercept-url pattern="/common/*" access="ROLE_ADMIN" />
     <form-login login-page="/login/login.jsp"/>
    <logout logout-success-url="/home/index.jsp"/>
</http>

<authentication-manager>
    <authentication-provider>

        <!-- <password-encoder hash="md5"/> <user-service> <user name="admin" 
            password="65dc70650690999922d7dcd99dbd4033" authorities="ROLE_ADMIN"/> </user-service> -->

        <jdbc-user-service data-source-ref="dataSource"
            authorities-by-username-query="
            select admin.userName as username, auth.authority as authority from Administrators admin, Authorities auth
            where admin.id=auth.AdministratorId and admin.userName= ?"
            users-by-username-query="select userName as username,hashedPassword as password, enabled as enabled
                                        from Administrators where userName= ?" />

    </authentication-provider>
</authentication-manager>

</beans:beans>

在那个 xml 文件中,我只能从数据库中检查管理员表的角色。 如何检查其他表(例如内部用户、管理员和外部用户表)以检查角色?我是否需要在新类中编写查询而不是在 xml 中编写。请给我任何想法或建议,因为我刚刚开始这样做。给我任何链接或站点或代码以查看。谢谢

【问题讨论】:

    标签: java database spring spring-security


    【解决方案1】:

    如果您在 Spring Security schema definition 中搜索 authentication-provider,您将看到它的最大出现次数不受限制。因此,您可以为您需要在&lt;/authentication-manager&gt; 中访问的每个表添加一个&lt;authentication-provider&gt;,例如

    <authentication-manager>
        <authentication-provider>
            <jdbc-user-service data-source-ref="dataSource"
                authorities-by-username-query="select [...] from Administrators" 
            .../>
        </authentication-provider>
    
        <authentication-provider>
            <jdbc-user-service data-source-ref="dataSource"
                authorities-by-username-query="select [...] from Users" 
            .../>
        </authentication-provider>
    </authentication-manager>
    

    【讨论】:

      猜你喜欢
      • 2014-02-01
      • 2016-09-13
      • 2013-05-19
      • 2016-02-10
      • 2011-04-30
      • 2012-11-27
      • 2019-02-07
      • 2021-04-29
      相关资源
      最近更新 更多