我从春天开始阅读有关Spring spring的内容,我想实现这个:我有一个Web应用程序,其中有两种用户存储在数据库中:
1)管理员
2)的客户端
这是spring-security.xml:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">
<http auto-config="true">
<intercept-url pattern="/welcome*" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="name" password="password" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
所以如何联系:
<user-service>
<user name="name" password="password" authorities="ROLE_USER" />
</user-service>
对数据库用户条目(管理员和客户端)?
我将此部分添加到web.xml:
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
答案 0 :(得分:2)
你不能这样映射。
为此,您需要使用自定义UserDetailsService。使用userDetailsService,您可以从数据库加载用户并将其传递给spring安全框架。
public class UserDetailsServiceImpl implements UserDetailsService {
public UserDetails loadUserByUsername(String userName)
throws UsernameNotFoundException, DataAccessException {
User user = getUser(userName); //Load user from database
if (user == null) {
throw new UsernameNotFoundException("User not found: " + userName);
}
return user;
}
}
的security.xml
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService" />
</authentication-manager>