java 将 Spring Security 与 JPA 结合使用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4489703/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Use Spring Security with JPA
提问by Sagar
I am new to Spring.
我是春天的新手。
We are using spring security feature. Database connectivity: eclipselink implementation of JPA. Database: MySql
我们正在使用 spring 安全功能。数据库连接:JPA 的 eclipselink 实现。数据库:MySql
While using spring security, Configuration of authentication provider is as follows,-
在使用 spring security 时,身份验证提供程序的配置如下,-
<authentication-provider>
<jdbc-user-service id="userDetailsService" data-source-ref="Datasource" />
</authentication-provider>
But in JPA we do not define datasource, we use Persistence unit with provider jpa.PersistenceProvider.
但是在 JPA 中我们没有定义数据源,我们使用 Persistence unit with provider jpa.PersistenceProvider.
So how do we configure authentication provider so as to use JPA for database connectivity?
那么我们如何配置身份验证提供程序以便使用 JPA 进行数据库连接呢?
What exactly should data-source-ref field contain to use database for authentication?
要使用数据库进行身份验证,data-source-ref 字段究竟应该包含哪些内容?
Thank you in advance.
先感谢您。
回答by Sean Patrick Floyd
Basically you probably need to implement UserDetailsServiceyourself.
基本上你可能需要自己实现UserDetailsService。
So you would for example have a Userentity, and your UserDetailsServiceimplementation would look up the user and convert it to a UserDetailsobject (or your entity would have to implement UserDetails).
例如,您将拥有一个User实体,您的UserDetailsService实现将查找用户并将其转换为UserDetails对象(或者您的实体必须实现UserDetails)。
Sample implementation:
示例实现:
public class MyUserDetailsService implements UserDetailsService{
private EntityManager entityManager;
@PersistenceContext
public void setEntityManager(EntityManager newEm){
this.entityManager = newEm;
}
public UserDetails loadUserByUsername(String username){
// assuming that you have a User class that implements UserDetails
return entityManager.createQuery("from User where username = :username", User.class)
.setParameter("username", username)
.getSingleResult();
}
}
And you add this to user spring-security.xml
你把这个添加到用户 spring-security.xml
<authentication-manager>
<authentication-provider user-service-ref="MyUserDetailsService" />
</authentication-manager>
回答by craftsman
An easier way for authentication in your case is to get one of your service layer classes implement org.springframework.security.core.userdetails.UserDetailsServiceinterface. This interface contain only one method UserDetails loadUserByUsername(String username). You have to make sure that you return a UserDetailsinstance for a given username.
在您的情况下,一种更简单的身份验证方法是让您的服务层类之一实现org.springframework.security.core.userdetails.UserDetailsService接口。这个接口只包含一个方法UserDetails loadUserByUsername(String username)。您必须确保UserDetails为给定的用户名返回一个实例。
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
// load and return user using your regular JPA techniques here
...
}
Once you have implemented this method in your service class, you will simply need to add its reference your spring configuration file:
一旦你在你的服务类中实现了这个方法,你只需要在你的 spring 配置文件中添加它的引用:
<authentication-manager>
<authentication-provider user-service-ref="myServiceLayerClassInstance">
</authentication-provider>
</authentication-manager>
