Announcement Announcement Module
Collapse
No announcement yet.
Spring Security Custom UserDetailsService to use User Service/Dao Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security Custom UserDetailsService to use User Service/Dao

    I am using a custom UserDetailsService to authenticate users. This uses a PersonDao/Service object that is autowired. To autowire this object, I had to include reference to datasource, sessionfactory and annotation driven in Spring-security-context.xml. All these lines are exactly replicated in app-servlet.xml. So I was wondering if there is anyway to have theses lines in only one place and not to copy it at both the places.

  • #2
    Your Spring MVC application should be able to see what is in your parent context, but not the other way around. So try removing it from app-servlet.xml

    Comment


    • #3
      thanks for the reply rwinch.. in that case, if I define the element <global-method-security.../> in parent context it should be picked up by all the child context files right? I have a main context file that scans for annotated classes in all the packages except controller package. Classes in controller package are scanned in app-servlet.xml file. I was trying to use method level security on a controller method but it didn't work. I had to explicitly specify that <global..> method in app-servlet.xml also...

      Comment


      • #4
        While beans in the parent context will be visible for wiring to beans in the child context, BeanPostProcessor's (like global-method-security) do not impact child contexts.

        Comment


        • #5
          thanks rwinch.. you are very helpful..
          one more question.. there is really no need to define the <global-method..> element in security-context file if I don't define any business related beans.. right? all the beans are scanned in either main webappcontext or dispatcher-servlet.. so it is enough to have that element in those two files if I want secured/pre-post annotations..

          Comment


          • #6
            When using Spring MVC there are typically only two ApplicationContexts. Those loaded by the ContextLoaderListener (the parent) and those loaded by the DispatchServlet (the child). Note that even if there are multiple files listed it only represents one ApplicationContext. For further details check out the Spring Security FAQ and read about it in the Spring Reference

            Comment

            Working...
            X