Spring Security tutorial (Three)

The previous post explained Spring Security's default database storage of user and permission data. However, the default table structure that Spring Security provides is too simple; in fact, even if the default table structure were very complex, it would not necessarily meet a project's requirements for managing user information and permission information. This post explains how to customize the database tables used to manage user and permission information.

Custom table structure

MySQL is used here, so the pom.xml file does not need to be modified. We create just three tables: a user table, a role table, and a user_role table. The user table stores the users, the role table mainly stores the users' permission data, and user_role is the join table between them. The user and role tables have a many-to-many relationship, that is, a user can have multiple roles. The ER diagram is as follows:

[Figure: ER diagram of the user, role and user_role tables]

Table creation statements:

-- Role
create table role(
    id bigint,
    name varchar(50),
    descn varchar(200)
);
alter table role add constraint pk_role primary key(id);
-- MySQL syntax for an auto-incrementing id (starts at 1 by default)
alter table role modify column id bigint not null auto_increment;

-- User
create table user(
    id bigint,
    username varchar(50),
    password varchar(50),
    status integer,
    descn varchar(200)
);
alter table user add constraint pk_user primary key(id);
-- MySQL syntax for an auto-incrementing id (starts at 1 by default)
alter table user modify column id bigint not null auto_increment;

-- User-role join table
create table user_role(
    user_id bigint,
    role_id bigint
);
alter table user_role add constraint pk_user_role primary key(user_id, role_id);
alter table user_role add constraint fk_user_role_user foreign key(user_id) references user(id);
alter table user_role add constraint fk_user_role_role foreign key(role_id) references role(id);

Insert data:

insert into user(id,username,password,status,descn) values(1,'admin','admin',1,'管理员');
insert into user(id,username,password,status,descn) values(2,'user','user',1,'用户');

insert into role(id,name,descn) values(1,'ROLE_ADMIN','管理员角色');
insert into role(id,name,descn) values(2,'ROLE_USER','用户角色');

insert into user_role(user_id,role_id) values(1,1);
insert into user_role(user_id,role_id) values(1,2);
insert into user_role(user_id,role_id) values(2,2);

Modify the Spring Security configuration file (applicationContext.xml)

To have Spring Security use this data, we need to consider what it requires of it. On top of such a data structure, Spring Security only has to handle two cases: first, judging whether a user logging in is legitimate; second, determining whether the logged-in user may access a protected system resource. So our job is to supply Spring Security with both kinds of data on the basis of the existing data structure.

These correspond to two attributes of the jdbc-user-service tag:

  • users-by-username-query finds the user by user name: given the user name, the system queries the current user's login name, password, and whether the account is disabled.
  • authorities-by-username-query finds the permissions by user name: given the user name, the system queries all permissions granted to the current user.

As the figures show, the first attribute queries the user name, password, and whether the account is available, by username; the second attribute queries the user's permissions by username. Adapting the SQL statements to our custom table structure gives the following statements:

select username,password,status as enabled from user where username = ?

select user.username,role.name from user,role,user_role 
    where user.id=user_role.user_id and 
    user_role.role_id=role.id and user.username=?

The resulting configuration file is as follows:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
                        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/context
                        http://www.springframework.org/schema/context/spring-context-3.1.xsd
                        http://www.springframework.org/schema/tx
                        http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
                        http://www.springframework.org/schema/security
                        http://www.springframework.org/schema/security/spring-security.xsd">
    <http auto-config='true'>
        <intercept-url pattern="/adminPage.jsp" access="ROLE_ADMIN" />
        <intercept-url pattern="/**" access="ROLE_USER" />
    </http>
    <!-- Data source -->
    <beans:bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
        destroy-method="close">
        <!-- The c3p0 datasource is configured directly in Spring; c3p0 is an open-source JDBC connection pool -->
        <beans:property name="driverClass" value="com.mysql.jdbc.Driver" />

        <beans:property name="jdbcUrl"
            value="jdbc:mysql://localhost:3306/springsecuritydemo?useUnicode=true&amp;characterEncoding=UTF-8" />
        <beans:property name="user" value="root" />
        <beans:property name="password" value="" />
        <beans:property name="maxPoolSize" value="50"></beans:property>
        <beans:property name="minPoolSize" value="10"></beans:property>
        <beans:property name="initialPoolSize" value="10"></beans:property>
        <beans:property name="maxIdleTime" value="25000"></beans:property>
        <beans:property name="acquireIncrement" value="1"></beans:property>
        <beans:property name="acquireRetryAttempts" value="30"></beans:property>
        <beans:property name="acquireRetryDelay" value="1000"></beans:property>
        <beans:property name="testConnectionOnCheckin" value="true"></beans:property>
        <beans:property name="idleConnectionTestPeriod" value="18000"></beans:property>
        <beans:property name="checkoutTimeout" value="5000"></beans:property>
        <beans:property name="automaticTestTable" value="t_c3p0"></beans:property>
    </beans:bean>
    <authentication-manager>
           <authentication-provider>
               <jdbc-user-service data-source-ref="dataSource"
                   users-by-username-query="select username,password,status as enabled from user where username = ?"
                   authorities-by-username-query="select user.username,role.name from user,role,user_role 
                                       where user.id=user_role.user_id and 
                                       user_role.role_id=role.id and user.username=?"/>
           </authentication-provider>
    </authentication-manager>
</beans:beans>
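
The following added example (not part of the original post) loads the page's tables, users and roles into an in-memory SQLite database as a stand-in for MySQL and runs the two custom queries, reading the results by column position in the order jdbc-user-service expects. The `locked` and `norole` users and the `build_db` and `load_user` helpers are constructed for illustration.

```python
import sqlite3

# The two queries from the configuration on this page.
USERS_BY_USERNAME = "select username,password,status as enabled from user where username = ?"
AUTHORITIES_BY_USERNAME = (
    "select user.username,role.name from user,role,user_role "
    "where user.id=user_role.user_id and "
    "user_role.role_id=role.id and user.username=?"
)

def build_db():
    """In-memory SQLite stand-in for the MySQL schema, holding the page's users
    and roles plus two constructed users: one disabled, one without any role."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        create table role(id integer primary key, name varchar(50), descn varchar(200));
        create table user(id integer primary key, username varchar(50),
                          password varchar(50), status integer, descn varchar(200));
        create table user_role(user_id bigint references user(id),
                               role_id bigint references role(id),
                               primary key(user_id, role_id));
        insert into user values(1,'admin','admin',1,'admin');
        insert into user values(2,'user','user',1,'user');
        insert into user values(3,'locked','locked',0,'constructed: disabled');
        insert into user values(4,'norole','norole',1,'constructed: no roles');
        insert into role values(1,'ROLE_ADMIN','admin role');
        insert into role values(2,'ROLE_USER','user role');
        insert into user_role values(1,1);
        insert into user_role values(1,2);
        insert into user_role values(2,2);
        insert into user_role values(3,2);
    """)
    return db

def load_user(db, username):
    """Hypothetical helper: consume both result sets by column position
    (users: 1=username, 2=password, 3=enabled; authorities: 2=authority)."""
    row = db.execute(USERS_BY_USERNAME, (username,)).fetchone()
    if row is None:
        return None  # unknown user name
    auths = sorted(r[1] for r in db.execute(AUTHORITIES_BY_USERNAME, (username,)))
    return {"username": row[0], "password": row[1],
            "enabled": bool(row[2]), "authorities": auths}

if __name__ == "__main__":
    db = build_db()
    for name in ("admin", "user", "locked", "norole", "nobody"):
        print(name, load_user(db, name))
```

A user whose status is 0 comes back with enabled set to false, and a user with no user_role rows gets an empty authority list, so neither can reach a URL protected by ROLE_USER.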

The other files and configuration are exactly the same as in tutorial two (Spring Security tutorial (Two)); please refer to tutorial two.

Result

Because only the way user information and permission information are stored has changed, and nothing else, the result is the same as in the previous tutorial.

Origin juejin.im/post/5da518e0518825083d3bac42