您必须制作自己的自定义身份验证提供程序。
示例代码:
从Hibernate加载用户的服务:
import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;@Service("userDetailsService") public class UserDetailsServiceImpl implements UserDetailsService { @Autowired private UserDao dao; @Autowired private Assembler assembler; @Transactional(readonly = true) public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { UserDetails userDetails = null; UserEntity userEntity = dao.findByName(username); if (userEntity == null) throw new UsernameNotFoundException("user not found"); return assembler.buildUserFromUserEntity(userEntity); }}将您的实体转换为spring用户对象的服务:
import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.GrantedAuthorityImpl;import org.springframework.security.core.userdetails.User;@Service("assembler")public class Assembler { @Transactional(readonly = true) User buildUserFromUserEntity(UserEntity userEntity) { String username = userEntity.getName(); String password = userEntity.getPassword(); boolean enabled = userEntity.isActive(); boolean accountNonExpired = userEntity.isActive(); boolean credentialsNonExpired = userEntity.isActive(); boolean accountNonLocked = userEntity.isActive(); Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); for (SecurityRoleEntity role : userEntity.getRoles()) { authorities.add(new GrantedAuthorityImpl(role.getRoleName())); } User user = new User(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities, id); return user; }}基于命名空间的application-context-security.xml如下所示:
<http> <intercept-url pattern="/login.do*" filters="none"/> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <form-login login-page="/login.do" authentication-failure-url="/login.do?error=failed" login-processing-url="/login-please.do" /> <logout logout-url="/logoff-please.do" logout-success-url="/logoff.html" /></http><beans:bean id="daoAuthenticationProvider" > <beans:property name="userDetailsService" ref="userDetailsService"/></beans:bean><beans:bean id="authenticationManager" > <beans:property name="providers"> <beans:list> <beans:ref local="daoAuthenticationProvider" /> </beans:list> </beans:property></beans:bean><authentication-manager> <authentication-provider user-service-ref="userDetailsService"> <password-enprer hash="md5"/> </authentication-provider></authentication-manager>
