2011-12-31 40 views
2

我寫了春季安全applictionContext-security.xml文件下面的代碼:如何檢查春季安全多個表進行身份驗證

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans" 
xsi:schemaLocation="http://www.springframework.org/schema/beans 
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
    http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 

<global-method-security secured-annotations="enabled"> 
</global-method-security> 

<!-- URL pattern based security --> 


<http auto-config="true"> 
    <intercept-url pattern="/common/*" access="ROLE_ADMIN" /> 
    <form-login login-page="/login/login.jsp"/> 
    <logout logout-success-url="/home/index.jsp"/> 
</http> 

<authentication-manager> 
    <authentication-provider> 

     <!-- <password-encoder hash="md5"/> <user-service> <user name="admin" 
      password="65dc70650690999922d7dcd99dbd4033" authorities="ROLE_ADMIN"/> </user-service> --> 

     <jdbc-user-service data-source-ref="dataSource" 
      authorities-by-username-query=" 
      select admin.userName as username, auth.authority as authority from Administrators admin, Authorities auth 
      where admin.id=auth.AdministratorId and admin.userName= ?" 
      users-by-username-query="select userName as username,hashedPassword as password, enabled as enabled 
             from Administrators where userName= ?" /> 

    </authentication-provider> 
</authentication-manager> 

</beans:beans> 

在該XML文件,我只能檢查管理員表從數據庫角色。 如何檢查其他表格(例如內部用戶,管理員和外部用戶表格)以檢查角色?我是否需要在新類中編寫查詢,而不是使用xml編寫查詢。請給我任何想法或建議,因爲我剛開始這樣做。給我任何鏈接或網站或代碼來查看。謝謝

回答

5

如果您在Spring Security schema definition中搜索身份驗證提供程序,您將看到它具有無限最大值。因此,您可以爲需要在</authentication-manager>內訪問的每個表格添加一個<authentication-provider>,例如,

<authentication-manager> 
    <authentication-provider> 
     <jdbc-user-service data-source-ref="dataSource" 
      authorities-by-username-query="select [...] from Administrators" 
     .../> 
    </authentication-provider> 

    <authentication-provider> 
     <jdbc-user-service data-source-ref="dataSource" 
      authorities-by-username-query="select [...] from Users" 
     .../> 
    </authentication-provider> 
</authentication-manager> 
相關問題