c0demonkey see --> c0demonkey do: Spring Security, customizing JdbcUserDetailsManager

I've been working on a Spring Security implementation on GWT (GXT to be exact). I wanted to avoid implementing my own UserDetailsService and rather go with customizing the JdbcUserDetailsManager. However, the javadocs for JdbcUserDetailsManager were a little spare (although I just looked at the parent JdbcDaoImpl and saw the tables are defined there). I had to look in the source code to see what kind of results were required, this is my resulting XML definition.

<beans:bean id="userDetailsManager" class="org.springframework.security.userdetails.jdbc.JdbcUserDetailsManager">
      <beans:property name="dataSource" ref="dataSource" />
      <beans:property name="authenticationManager" ref="authManager" />
      <beans:property name="usersByUsernameQuery" value="SELECT user_name, password, 1 FROM users where user_name = ?" />
      <beans:property name="authoritiesByUsernameQuery" value="select u.user_name, r.name from users u, role r, user_role ur where ur.user_id = u.user_id and ur.role_id = r.role_id and u.user_name = ?" />
</beans:bean>

Note: the 1 after password indicates the user is enabled.

c0demonkey see --> c0demonkey do

Tuesday, October 6, 2009

Spring Security, customizing JdbcUserDetailsManager

No comments:

Post a Comment

Blog Archive