扭曲的鉛筆

隨筆 - 37 文章 - 14 trackbacks - 0

2008年3月

>

日

一

二

三

四

五

六

24

25

26

27

28

29

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

1

2

3

4

5

常用鏈接

留言簿

隨筆分類(lèi)

隨筆檔案

文章分類(lèi)

相關(guān)鏈接

搜索

閱讀排行榜

評(píng)論排行榜

Acegi擴(kuò)展JdbcDaoImpl獲取更多的用戶(hù)信息

Acegi預(yù)設(shè)的是通過(guò)JdbcDaoImpl訪問(wèn)數(shù)據(jù)庫(kù)進(jìn)行身份驗(yàn)證，我們首先來(lái)看下配置文件

<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
       <property name="userDetailsService">
       <ref bean="jdbcDaoImpl"/>
       </property>
       <property name="userCache">
       <ref bean="userCache"/>
       </property>
   </bean>

    <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
    <property name="dataSource">
    <ref bean="dataSource"/>
    </property>
    <property name="usersByUsernameQuery">
    <value>
    SELECT username,password,enabled FROM user WHERE username=?
    </value>
    </property>
    <property name="authoritiesByUsernameQuery">
    <value>
    SELECT username, rolename
       FROM user u, role r, user_role ur
     WHERE u.id = ur.user_id
     and r.id = ur.role_id
     and u.username = ?
    </value>
    </property>
    </bean>

從配置及源碼可以看出JdbcDaoImpl都是實(shí)現(xiàn)了UserDetailsService接口, 而這個(gè)接口里只定義了一個(gè)方法:UserDetails loadUserByUsername(String username) 就是根據(jù)用戶(hù)名加載UserDetails對(duì)象。要獲取更多的用戶(hù)信息可以通過(guò)擴(kuò)展JdbcDaoImpl，重寫(xiě)UsersByUsernameMapping方法來(lái)封裝UserDetails對(duì)象。首先需要擴(kuò)展UserDetails接口, 并擴(kuò)展org.acegisecurity.userdetails.User

public interface IUserDetails extends UserDetails {

    public void setUsername_cn(String username_cn);

    public String getUsername_cn();


    public String getUsername();

    public void setUsername(String username);

    public GrantedAuthority[] getAuthorities();

    public void setAuthorities(GrantedAuthority[] authorities);

}

public class UserDetailsImpl extends User implements IUserDetails {

    private String username_cn;
    private String username;
    private GrantedAuthority[] authorities;


    public UserDetailsImpl(String username, String password, boolean enabled,
            boolean accountNonExpired, boolean credentialsNonExpired,
            boolean accountNonLocked, GrantedAuthority[] authorities)
            throws IllegalArgumentException {
        super(username, password, enabled, accountNonExpired, credentialsNonExpired,
                accountNonLocked, authorities);
        setUsername(username);
        setAuthorities(authorities);
    }


    public UserDetailsImpl(String username_cn, String username, String password, boolean enabled,
            boolean accountNonExpired, boolean credentialsNonExpired,
            boolean accountNonLocked, GrantedAuthority[] authorities)
            throws IllegalArgumentException {
        super(username, password, enabled, accountNonExpired, credentialsNonExpired,
                accountNonLocked, authorities);
        this.username_cn = username_cn;
        setUsername(username);
        setAuthorities(authorities);
    }

    public GrantedAuthority[] getAuthorities() {
        return authorities;
    }

    public void setAuthorities(GrantedAuthority[] authorities) {
        this.authorities = authorities;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getUsername_cn() {
        return username_cn;
    }

    public void setUsername_cn(String username_cn) {
        this.username_cn = username_cn;
    }

}

接著通過(guò)擴(kuò)展JdbcDaoImpl，重寫(xiě)IUserDetails loadUserByUsername(String username)返回我們所擴(kuò)展的UserDetail對(duì)象

public class AcegiJdbcDaoImpl extends JdbcDaoImpl {

.

public IUserDetails loadUserByUsername(String username)
       throws UsernameNotFoundException, DataAccessException {
       List users = usersByNameMapping.execute(username);

       if (users.size() == 0) {
           throw new UsernameNotFoundException("User not found");
       }

       IUserDetails user = (IUserDetails) users.get(0); // contains no GrantedAuthority[]

       List dbAuths = rolesByUsernameMapping.execute(user.getUsername());

       addCustomAuthorities(user.getUsername(), dbAuths);

       if (dbAuths.size() == 0) {
           throw new UsernameNotFoundException("User has no GrantedAuthority");
       }

       GrantedAuthority[] arrayAuths = (GrantedAuthority[]) dbAuths.toArray(new GrantedAuthority[dbAuths.size()]);

       user.setAuthorities(arrayAuths);

       if (!usernameBasedPrimaryKey) {
           user.setUsername(username);
       }

       return user;
   }
   protected class UsersByUsernameMapping extends MappingSqlQuery {
       protected UsersByUsernameMapping(DataSource ds) {
           super(ds, usersByUsernameQuery);
           declareParameter(new SqlParameter(Types.VARCHAR));
           compile();
       }

       protected Object mapRow(ResultSet rs, int rownum)
           throws SQLException {
           String username = rs.getString("username");
              String username_cn = rs.getString("username_cn");
           String password = rs.getString(3);
           boolean enabled = rs.getBoolean("enabled");
           IUserDetails user = new UserDetailsImpl(username, password, enabled, true, true, true,
                   new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")});
           user.setUsername_cn(username_cn);
           return user;
       }
   }
}

相應(yīng)的配置文件更改為AcegiJdbcDaoImpl bean

    <bean id="daoAuthenticationProvider"
        class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="userDetailsService" />
    </bean>

    <bean id="userDetailsService"
        class="com.emms.security.acegi.AcegiJdbcDaoImpl">
        <property name="dataSource">
            <ref bean="dataSource" />
        </property>

        <property name="usersByUsernameQuery">
            <value>
                SELECT distinct(u.username), u.username_cn, password, enabled from emms_role r, user_role ur, emms_user u
                 where r.id = ur.role_id and ur.user_id = u.username and u.username = ?
            </value>
        </property>

        <property name="authoritiesByUsernameQuery">
            <value>
                 SELECT u.username, r.rolename FROM user_role ur, emms_user u, emms_role r
                  WHERE ur.user_id = u.username and ur.role_id = r.id and u.username = ?
            </value>
        </property>
    </bean>

posted on 2008-03-11 09:29 扭曲的鉛筆閱讀(1532) 評(píng)論(1) 編輯收藏所屬分類(lèi): Spring

FeedBack:

# re: Acegi擴(kuò)展JdbcDaoImpl獲取更多的用戶(hù)信息 2009-03-22 21:18 acegi

請(qǐng)問(wèn)可以使用ID登錄嗎？？不用用戶(hù)名登錄。為什么在AcegiJdbcDaoImpl 使用了SQL語(yǔ)句還要在配置文件用再使用呢？
指點(diǎn)：email:zhoushangbin@gmail.com
可以發(fā)這個(gè)例子來(lái)學(xué)習(xí)下嗎》》？？回復(fù) 更多評(píng)論

新用戶(hù)注冊(cè) 刷新評(píng)論列表


只有注冊(cè)用戶(hù)登錄后才能發(fā)表評(píng)論。




網(wǎng)站導(dǎo)航: 博客園 IT新聞 Chat2DB C++博客博問(wèn) 管理
相關(guān)文章: Acegi擴(kuò)展JdbcDaoImpl獲取更多的用戶(hù)信息 Acegi 關(guān)鍵組件詳述（轉(zhuǎn)） Servlet 與 Spring(轉(zhuǎn)摘) Spring事務(wù)學(xué)習(xí)（二） Spring事務(wù)管理探索（轉(zhuǎn)摘自JavaEye） Spring事務(wù)學(xué)習(xí)（一）

主站蜘蛛池模板：通榆县| 定安县| 石嘴山市| 高雄市| 万源市| 兴隆县| 荆州市| 黄冈市| 十堰市| 天台县| 金门县| 桐城市| 辽阳市| 罗定市| 汤原县| 巴林左旗| 连南| 商南县| 枣庄市| 双牌县| 奎屯市| 新竹县| 宿松县| 宁南县| 临漳县| 马尔康县| 江源县| 万源市| 隆德县| 五大连池市| 土默特右旗| 崇信县| 禄劝| 梨树县| 武鸣县| 新乡市| 宜丰县| 清新县| 林州市| 乌拉特前旗| 临江市|