acegi security實踐教程—定製userDetailsService

前面我們都是使用默認的UserDetailsService，無論是使用InMemoryDaoImpl還是JdbcDaoImpl這種形式。那這篇文章給大家講解如何自定義userDetailsService，正如咱們前面寫過自己的logoutFilter類。

源碼講解

UserDetailsService是個對用戶信息操作的接口，其中只有一個方法UserDetails loadUserByUsername(String username)，若自定義userDetailsService則需要實現acegi中的userDetailsService接口，實現此方法即可。

  package org.acegisecurity.userdetails;
  import org.springframework.dao.DataAccessException;
  public abstract interface UserDetailsService
 {
    public abstract UserDetails loadUserByUsername(String paramString)
    throws UsernameNotFoundException, DataAccessException;
  }

另外，此方法返回的UserDetails也是接口，acegi中實現其接口的類是User，所以若自定義返回結果，也須實現acegi中的UserDetails接口。

package org.acegisecurity.userdetails;
import java.io.Serializable;
import org.acegisecurity.GrantedAuthority;
public abstract interface UserDetails extends Serializable
{
  public abstract GrantedAuthority[] getAuthorities();
  public abstract String getPassword();
  public abstract String getUsername();
  public abstract boolean isAccountNonExpired();
  public abstract boolean isAccountNonLocked();
  public abstract boolean isCredentialsNonExpired();
  public abstract boolean isEnabled();
}

開發步驟：

開發環境：

MyEclispe10.7.1+tomcat6.0.37+acegi1.0.5+spring2.0+oracle10g+dbcp數據源

項目目錄如下：

其中readme主要用來記錄本次驗證目的

代碼關鍵：

jdbcTemplate.queryForList返回的map類型的List，其中map的key值默認是數據庫列名。

實現UserDetail中的GrantedAuthority[] authorities 是個接口形式，主要存放權限信息。獲取的list對象轉化成數組對象如下：

for(int i=0;i<dbAuths.size();i++){
String auth=(String)dbAuths.get(i).get("AUTHS");
GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
listAuth.add(authority);
}
GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);

另外注意：實現UserDetail類中方法，默認爲false，根據實際情況而定，若不做處理，可以設置爲true。

   public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
if("1".equals(enabled)){
return true;
}else{
return false;
}
}

定製類：

package com.extend;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;

public class MyUserDetailService implements UserDetailsService {

	 private JdbcTemplate jdbcTemplate;
	@Override
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException, DataAccessException {
		//根據用戶名查詢用戶基本信息
		String baseSql="select * from test_user t where t.user_name=?";
		List<Map> list=this.jdbcTemplate.queryForList(baseSql,new Object[]{username});
		if(list.size()==0){
			throw new UsernameNotFoundException("User not Found");
		}
		Map pMap=(Map)list.get(0);
		MyUser myUser=new MyUser();
		myUser.setUsername((String)pMap.get("USER_NAME"));
		myUser.setPassword((String)pMap.get("PWD"));
		myUser.setEnabled((String)pMap.get("ENABLED"));
		//根據用戶名查詢用戶權限信息
		String authSql="select AUTHS from test_auths t where t.user_name=?";
		List<Map> dbAuths=this.jdbcTemplate.queryForList(authSql,new Object[]{username});
		if(dbAuths.size()==0){
			throw new UsernameNotFoundException("User has no GrantAuthority");
		}
		List listAuth=new ArrayList();
		for(int i=0;i<dbAuths.size();i++){
			String auth=(String)dbAuths.get(i).get("AUTHS");
			GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
			listAuth.add(authority);
		}
    	GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);
		myUser.setAuthorities(arrayAuths);
		return myUser;
	}
	public JdbcTemplate getJdbcTemplate() {
		return jdbcTemplate;
	}
	public void setJdbcTemplate(JdbcTemplate jdbcTemplate) {
		this.jdbcTemplate = jdbcTemplate;
	}

}

package com.extend;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;

public class MyUserDetailService implements UserDetailsService {

	 private JdbcTemplate jdbcTemplate;
	@Override
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException, DataAccessException {
		//根據用戶名查詢用戶基本信息
		String baseSql="select * from test_user t where t.user_name=?";
		List<Map> list=this.jdbcTemplate.queryForList(baseSql,new Object[]{username});
		if(list.size()==0){
			throw new UsernameNotFoundException("User not Found");
		}
		Map pMap=(Map)list.get(0);
		MyUser myUser=new MyUser();
		myUser.setUsername((String)pMap.get("USER_NAME"));
		myUser.setPassword((String)pMap.get("PWD"));
		myUser.setEnabled((String)pMap.get("ENABLED"));
		//根據用戶名查詢用戶權限信息
		String authSql="select AUTHS from test_auths t where t.user_name=?";
		List<Map> dbAuths=this.jdbcTemplate.queryForList(authSql,new Object[]{username});
		if(dbAuths.size()==0){
			throw new UsernameNotFoundException("User has no GrantAuthority");
		}
		List listAuth=new ArrayList();
		for(int i=0;i<dbAuths.size();i++){
			String auth=(String)dbAuths.get(i).get("AUTHS");
			GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
			listAuth.add(authority);
		}
    	GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);
		myUser.setAuthorities(arrayAuths);
		return myUser;
	}
	public JdbcTemplate getJdbcTemplate() {
		return jdbcTemplate;
	}
	public void setJdbcTemplate(JdbcTemplate jdbcTemplate) {
		this.jdbcTemplate = jdbcTemplate;
	}

}

acegi配置文件：

>    <!-- 從數據庫中讀取用戶信息驗證身份 -->
	<bean id="daoAuthenticationProvider"
		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService" />
	</bean>

    <!-- 把用戶信息、權限信息放到數據庫中-->
	<bean id="userDetailsService"
		class="com.extend.MyUserDetailService">
		<property name="jdbcTemplate" ref="JdbcTemplate"> </property>
	</bean>
	<bean id="JdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
	   <property name="dataSource" ref="dataSource"></property>
	</bean>
	<!-- 數據源的綁定 -->
    <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"            
        destroy-method="close">            
	    <property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />           
	    <property name="url" value="jdbc:oracle:thin:@127.0.0.1:1521:orclnew" />           
	    <property name="username" value="drp"/>           
	    <property name="password" value="drp" />           
    </bean>

debug流程：

上述帶領大家進入debug調試，是爲了通過分析源碼進一步瞭解acegi的調用流程。

acegi security實踐教程—定製userDetailsService

源碼講解

開發步驟：

開發環境：

項目目錄如下：

代碼關鍵：

定製類：

acegi配置文件：

debug流程：

項目下載：

釘釘打卡速度慢

Nginx R31 doc 官方文檔-01-nginx 如何安裝

Qt/C++音視頻開發74-合併標籤圖形/生成yolo運算結果圖形/文字和圖形合併成一個/水印濾鏡

挑戰程序設計競賽 2.2章習題 POJ - 3617 Best Cow Line 貪心

字節面試：MySQL什麼時候鎖表？如何防止鎖表？

.NET8連接SQL SERVER 2008 R2 報：證書鏈是由不受信任的頒發機構頒發的

golang開發環境搭建(win10)

python計算機視覺學習筆記——PIL庫的用法

Golang初學：獲取程序內存使用情況，std runtime

acegi security實踐教程—logoutFilter應用以及調試

界面化的centos5.5系統 root用戶忘記密碼解決方案

acegi security實踐教程—form認證之debug調試

acegi security實踐教程—basic認證之debug調試

acegi security實踐教程—簡單定製logoutFilter

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結