我已经配置了以下身份验证管理器和内存用户服务
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:password-encoder ref="bcrypt" />
<security:user-service id="userService">
<!-- 1234 -->
<security:user name="1" password="$2a$04$68Oq1PRWyHktgJ2E4Zs9reakETagh81UGEe/QF4V1FJo9kfVBvNHq" authorities="ROLE_1" />
<security:user name="2" password="$2a$04$68Oq1PRWyHktgJ2E4Zs9reakETagh81UGEe/QF4V1FJo9kfVBvNHq" authorities="ROLE_2" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
如何为Spring提供自定义的UserDetails
和GrandtedAuthority
实现,以便在身份验证机制期间填充Authentication
对象。
答案 0 :(得分:0)
您创建实现UserDetailsService
的bean并将其连接到身份验证提供者:
<bean id="myUserDetailsService" class="org.example.MyUserDetailsService"/>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="myUserDetailsService">
<!-- ... -->
</security:authentication-provider>
</security:authentication-manager>
在实现UserDetailsService
时,您将覆盖loadUserByUsername()
方法。
如果您不想创建自定义用户类,则org.springframework.security.core.userdetails
包含一个基本的User
类。您会注意到,构造函数可以选择传递GrantedAuthority
的集合。基本实现是org.springframework.security.core.authority.SimpleGrantedAuthority
。