Spring Security 学习之数据库认证(2)

日期：2020-08-19 栏目：程序人生浏览：次

数据库安全认证配置示例：
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/jdbc
http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context/spring-context.xsd">
<context:component-scan base-package="com.stevex.demo" />
<security:http auto-config="true">
<security:intercept-url pattern="/admin" access="ROLE_ADMIN" />
<security:intercept-url pattern="/*" access="ROLE_USER" />
<security:form-login />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="dataSource"
group-authorities-by-username-query="select g.id, g.group_name, ga.authority
from groups g, group_members gm, group_authorities ga
where gm.username = ? and g.id = ga.group_id and g.id = gm.group_id" />
</security:authentication-provider>
</security:authentication-manager>
<jdbc:embedded-database>
<jdbc:script location="classpath:security-schema.sql" />
<jdbc:script location="classpath:users.sql" />
</jdbc:embedded-database>
</beans>

embedded-database标签：Spring默认使用hsql，如果使用其他内存数据库，如Derby，需要指定。

jdbc-user-service标签：注入基于JDBC的UserDetailsService实现，默认即JdbcUserDetailsManager。

group-authorities-by-username-query标签：覆盖默认用户组权限查询SQL。

authentication-provider标签：如果没有设置ref属性引用其他bean时，默认使用DaoAuthenticationProvider， DaoAuthenticationProvider会调用UserDetailsService接口获取用户信息，并在登录时验证用户密码。

三、后语
本文提供一个基本实现参考供下载。

转载注明出处：http://www.heiqu.com/7836813fc361e20f587c7f0edabe436b.html

Spring Security 学习之数据库认证(2)

相关推荐