acegi security实践教程—定制userDetailsService

  源码讲解

  package org.acegisecurity.userdetails;
  import org.springframework.dao.DataAccessException;
  public abstract interface UserDetailsService
 {
    public abstract UserDetails loadUserByUsername(String paramString)
    throws UsernameNotFoundException, DataAccessException;
  }

package org.acegisecurity.userdetails;
import java.io.Serializable;
import org.acegisecurity.GrantedAuthority;
public abstract interface UserDetails extends Serializable
{
  public abstract GrantedAuthority[] getAuthorities();
  public abstract String getPassword();
  public abstract String getUsername();
  public abstract boolean isAccountNonExpired();
  public abstract boolean isAccountNonLocked();
  public abstract boolean isCredentialsNonExpired();
  public abstract boolean isEnabled();
}

  开发步骤：

  开发环境：

  项目目录如下：  

  代码关键：

for(int i=0;i<dbAuths.size();i++){
String auth=(String)dbAuths.get(i).get("AUTHS");
GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
listAuth.add(authority);
}
GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);

   public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
if("1".equals(enabled)){
return true;
}else{
return false;
}
}

  定制类：

package com.extend;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;

public class MyUserDetailService implements UserDetailsService {

	 private JdbcTemplate jdbcTemplate;
	@Override
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException, DataAccessException {
		//根据用户名查询用户基本信息
		String baseSql="select * from test_user t where t.user_name=?";
		List<Map> list=this.jdbcTemplate.queryForList(baseSql,new Object[]{username});
		if(list.size()==0){
			throw new UsernameNotFoundException("User not Found");
		}
		Map pMap=(Map)list.get(0);
		MyUser myUser=new MyUser();
		myUser.setUsername((String)pMap.get("USER_NAME"));
		myUser.setPassword((String)pMap.get("PWD"));
		myUser.setEnabled((String)pMap.get("ENABLED"));
		//根据用户名查询用户权限信息
		String authSql="select AUTHS from test_auths t where t.user_name=?";
		List<Map> dbAuths=this.jdbcTemplate.queryForList(authSql,new Object[]{username});
		if(dbAuths.size()==0){
			throw new UsernameNotFoundException("User has no GrantAuthority");
		}
		List listAuth=new ArrayList();
		for(int i=0;i<dbAuths.size();i++){
			String auth=(String)dbAuths.get(i).get("AUTHS");
			GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
			listAuth.add(authority);
		}
    	GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);
		myUser.setAuthorities(arrayAuths);
		return myUser;
	}
	public JdbcTemplate getJdbcTemplate() {
		return jdbcTemplate;
	}
	public void setJdbcTemplate(JdbcTemplate jdbcTemplate) {
		this.jdbcTemplate = jdbcTemplate;
	}

}

package com.extend;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;

public class MyUserDetailService implements UserDetailsService {

	 private JdbcTemplate jdbcTemplate;
	@Override
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException, DataAccessException {
		//根据用户名查询用户基本信息
		String baseSql="select * from test_user t where t.user_name=?";
		List<Map> list=this.jdbcTemplate.queryForList(baseSql,new Object[]{username});
		if(list.size()==0){
			throw new UsernameNotFoundException("User not Found");
		}
		Map pMap=(Map)list.get(0);
		MyUser myUser=new MyUser();
		myUser.setUsername((String)pMap.get("USER_NAME"));
		myUser.setPassword((String)pMap.get("PWD"));
		myUser.setEnabled((String)pMap.get("ENABLED"));
		//根据用户名查询用户权限信息
		String authSql="select AUTHS from test_auths t where t.user_name=?";
		List<Map> dbAuths=this.jdbcTemplate.queryForList(authSql,new Object[]{username});
		if(dbAuths.size()==0){
			throw new UsernameNotFoundException("User has no GrantAuthority");
		}
		List listAuth=new ArrayList();
		for(int i=0;i<dbAuths.size();i++){
			String auth=(String)dbAuths.get(i).get("AUTHS");
			GrantedAuthorityImpl authority = new GrantedAuthorityImpl(auth);
			listAuth.add(authority);
		}
    	GrantedAuthority[] arrayAuths = (GrantedAuthority[]) listAuth.toArray(new GrantedAuthority[listAuth.size()]);
		myUser.setAuthorities(arrayAuths);
		return myUser;
	}
	public JdbcTemplate getJdbcTemplate() {
		return jdbcTemplate;
	}
	public void setJdbcTemplate(JdbcTemplate jdbcTemplate) {
		this.jdbcTemplate = jdbcTemplate;
	}

}

  acegi配置文件：

>    <!-- 从数据库中读取用户信息验证身份 -->
	<bean id="daoAuthenticationProvider"
		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService" />
	</bean>

    <!-- 把用户信息、权限信息放到数据库中-->
	<bean id="userDetailsService"
		class="com.extend.MyUserDetailService">
		<property name="jdbcTemplate" ref="JdbcTemplate"> </property>
	</bean>
	<bean id="JdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
	   <property name="dataSource" ref="dataSource"></property>
	</bean>
	<!-- 数据源的绑定 -->
    <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"            
        destroy-method="close">            
	    <property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />           
	    <property name="url" value="jdbc:oracle:thin:@127.0.0.1:1521:orclnew" />           
	    <property name="username" value="drp"/>           
	    <property name="password" value="drp" />           
    </bean>

  debug流程：

 项目下载：

acegi security实践教程—定制userDetailsService,布布扣,bubuko.com

acegi security实践教程—定制userDetailsService

原文：http://blog.csdn.net/yuebinghaoyuan/article/details/21286895