开发者

Spring Security User

问答 作者:

What is best practise in Spring when creating a new user with custom attributes...to extend org.springframework.security.core.userdetails.U开发者_如何转开发ser or to create the User in the UserDetailsService (this is the approach taken in the IceFaces tutorial).

public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    AppUser user = userDAO.findUser(username);
    if (user == null)
        throw new UsernameNotFoundException("User not found: " + username);
    else {
        return makeUser(user);
    }
}

private User makeUser(AppUser user) {
    return new User(user.getLogin(), user
            .getPassword(), true, true, true, true,
            makeGrantedAuthorities(user));
}

If your user permissions fit into the context of the Spring Security User class then simply writing your own UserDetails service is fine. But if your Users have other attributes that are not encapsulated in the available fields in the default Userclass then you will need to do both. There's not really a "best practice" - both are fine options it really depends on your use case.

继续阅读:spring-security

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9