- public boolean isUsernameBasedPrimaryKey() {
- return usernameBasedPrimaryKey;
- }
- //这里是取得数据库用户信息的具体过程
- public UserDetails loadUserByUsername(String username)
- throws UsernameNotFoundException, DataAccessException {
- //根据用户名在用户表中得到用户信息,包括用户名,密码和用户是否有效的信息
- List users = usersByUsernameMapping.execute(username);
- if (users.size() == 0) {
- throw new UsernameNotFoundException("User not found");
- }
- //取集合中的第一个作为有效的用户对象
- UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[]
- //这里在权限表中去取得用户的权限信息,同样的返回一个权限集合对应于这个用户
- List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername());
- addCustomAuthorities(user.getUsername(), dbAuths);
- if (dbAuths.size() == 0) {
- throw new UsernameNotFoundException("User has no GrantedAuthority");
- }
- //这里根据得到的权限集合来配置返回的User对象供以后使用
- GrantedAuthority[] arrayAuths = (GrantedAuthority[]) dbAuths.toArray(new GrantedAuthority[dbAuths.size()]);
- String returnUsername = user.getUsername();
- if (!usernameBasedPrimaryKey) {
- returnUsername = username;
- }
- return new User(returnUsername, user.getPassword(), user.isEnabled(), true, true, true, arrayAuths);
- }
- public void setAuthoritiesByUsernameQuery(String queryString) {
- authoritiesByUsernameQuery = queryString;
- }
- public void setRolePrefix(String rolePrefix) {
- this.rolePrefix = rolePrefix;
- }
- public void setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey) {
- this.usernameBasedPrimaryKey = usernameBasedPrimaryKey;
- }
- public void setUsersByUsernameQuery(String usersByUsernameQueryString) {
- this.usersByUsernameQuery = usersByUsernameQueryString;
- }
- //~ Inner Classes ==================================================================================================
- /**
- * 这里是调用Spring JDBC的数据库操作,具体可以参考对JDBC的分析,这个类的作用是把数据库查询得到的记录集合转换为对象集合 - 一个很简单的O/R实现
- */
- protected class AuthoritiesByUsernameMapping extends MappingSqlQuery {
- protected AuthoritiesByUsernameMapping(DataSource ds) {
- super(ds, authoritiesByUsernameQuery);
- declareParameter(new SqlParameter(Types.VARCHAR));
- compile();
- }
- protected Object mapRow(ResultSet rs, int rownum)
- throws SQLException {
- String roleName = rolePrefix + rs.getString(2);
- GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
- return authority;
- }
- }
- /**
- * Query object to look up a user.
- */
- protected class UsersByUsernameMapping extends MappingSqlQuery {
- protected UsersByUsernameMapping(DataSource ds) {
- super(ds, usersByUsernameQuery);
- declareParameter(new SqlParameter(Types.VARCHAR));
- compile();
- }
- protected Object mapRow(ResultSet rs, int rownum)
- throws SQLException {
- String username = rs.getString(1);
- String password = rs.getString(2);
- boolean enabled = rs.getBoolean(3);
- UserDetails user = new User(username, password, enabled, true, true, true,
- new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")});
- return user;
- }
- }
-
- }
- public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { //~ Static fields/initializers ===================================================================================== //这里是预定义好的对查询语句,对应于默认的数据库表结构,也可以自己定义查询语句对应特定的用户数据库验证表的设计 public static final String DEF_USERS_BY_USERNAME_QUERY = "SELECT username,password,enabled FROM users WHERE username = ?"; public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY = "SELECT username,authority FROM authorities WHERE username = ?"; //~ Instance fields ================================================================================================ //这里使用Spring JDBC来进行数据库操作 protected MappingSqlQuery authoritiesByUsernameMapping; protected MappingSqlQuery usersByUsernameMapping; private String authoritiesByUsernameQuery; private String rolePrefix = ""; private String usersByUsernameQuery; private boolean usernameBasedPrimaryKey = true; //~ Constructors =================================================================================================== //在初始化函数中把查询语句设置为预定义的SQL语句 public JdbcDaoImpl() { usersByUsernameQuery = DEF_USERS_BY_USERNAME_QUERY; authoritiesByUsernameQuery = DEF_AUTHORITIES_BY_USERNAME_QUERY; } //~ Methods ======================================================================================================== protected void addCustomAuthorities(String username, List authorities) {} public String getAuthoritiesByUsernameQuery() { return authoritiesByUsernameQuery; } public String getRolePrefix() { return rolePrefix; } public String getUsersByUsernameQuery() { return usersByUsernameQuery; } protected void initDao() throws ApplicationContextException { initMappingSqlQueries(); } /** * Extension point to allow other MappingSqlQuery objects to be substituted in a subclass */ protected void initMappingSqlQueries() { this.usersByUsernameMapping = new UsersByUsernameMapping(getDataSource()); this.authoritiesByUsernameMapping = new AuthoritiesByUsernameMapping(getDataSource()); } public boolean isUsernameBasedPrimaryKey() { return usernameBasedPrimaryKey; } //这里是取得数据库用户信息的具体过程 public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { //根据用户名在用户表中得到用户信息,包括用户名,密码和用户是否有效的信息 List users = usersByUsernameMapping.execute(username); if (users.size() == 0) { throw new UsernameNotFoundException("User not found"); } //取集合中的第一个作为有效的用户对象 UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[] //这里在权限表中去取得用户的权限信息,同样的返回一个权限集合对应于这个用户 List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername()); addCustomAuthorities(user.getUsername(), dbAuths); if (dbAuths.size() == 0) { throw new UsernameNotFoundException("User has no GrantedAuthority"); }
比对工