6

I want to use Spring security to authenticate users in my web application.. Since am not a matured user to Spring framework ,i can't get a clear idea about how we can do the configuration settings to use jdbc-user-service .. i had done the following configurations.but its not working

<authentication-manager>
    <authentication-provider>
         <jdbc-user-service data-source-ref="myDataSource"/>
    </authentication-provider>        
</authentication-manager>
<beans:bean id="myDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
    <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
    <beans:property name="url" value="jdbc:mysql://localhost:3306/testDB"/>
    <beans:property name="username" value="admin"/>
    <beans:property name="password" value="admin"/>
</beans:bean>

..can anyone please help me to solve the issue with a sample config file. Thanks in advance.

Improve this question
1
  • What's your problem? Can you post stack traces, or a clearer descriptions of any issues you're facing? Commented Aug 24, 2011 at 6:59

3 Answers 3

Reset to default
6

another way to do this is to create tables using the standard spring security database schema (http://static.springsource.org/spring-security/site/docs/3.0.x/reference/appendix-schema.html). Then you can simply use spring's jdbc-userservice:

<security:authentication-provider >
    <security:jdbc-user-service data-source-ref="dataSource" /> 
    <security:password-encoder hash="sha" />
</security:authentication-provider>

Or if you want to use your own schema you can override the queries like this:

<security:authentication-provider>
    <securiy:jdbc-user-service 
      data-source-ref="dataSource"
      users-by-username-query="select username, password from users where username=?"
      authorities-by-username-query="select username, roleName from role..."
      role-prefix="ROLE_"
    />
 </security:authentication-provider>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

is this query fixed? Because when i change the query according to my tables this does not work, it works only when i design according to this query.
6

You usually do it with a custom UserDetailsService. The UserDetailsService is a DAO used to load data about a user when they attempt login. Have a look at the loadUserByUsername(String username) method and the UserDetails class in spring.

Yo need to define it in your context:

<bean id="myDetailsService"
    class="com.company.service.impl.MyDetailsService" />

To use it you can add this to your security config:

<authentication-manager>
    <authentication-provider user-service-ref="myDetailsService" />
</authentication-manager>

and all you security filters will use it.

You can ask a more specific question if you need help implementing it, but you won't have trouble IMO.

Improve this answer

3 Comments

can u just give a brief about its implementation too..i have tried for that but its not getting.
you can see details about the implementation in the link provided in the answer. codercorp.com/blog/spring/security-spring/…
Link is broken. Please refer this stackoverflow.com/questions/7171460/….
0

Add these lines to your <authentication-provider> tag:

<authentication-provider>
    <password-encoder hash="sha-256" />
    <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="
                SELECT username, password, enabled
                FROM user WHERE username = ?"

            authorities-by-username-query="
                SELECT u.username, r.role_name
                FROM user u, user_role r, assigned_role a
                WHERE u.id = a.username
                AND r.id = a.role_id
                AND u.username = ?"
        />
</authentication-provider>

Of course you'll have to tweak the queries to match your table names.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.