Announcement Announcement Module
Collapse
No announcement yet.
Creating the very first us Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Creating the very first us

    The very first time an application is lanched. How is it possible to generate a user? In the security.xml it is possible to create som user.


    Code:
    	<authentication-manager alias="authenticationManager">
    		<authentication-provider user-service-ref="jdbcUserService">
    			<password-encoder ref="passwordEncoder">
    				<salt-source ref="saltSource"/>
    			</password-encoder>
    		</authentication-provider>
    		<authentication-provider>
    			<user-service>
    				<user name="user" password="user" authorities="ROLE_USER" />
    				<user name="sectionadmin" password="sectionadmin" authorities="ROLE_SECTIONADMIN" />
    				<user name="companyadmin" password="companyadmin" authorities="ROLE_COMPANYADMIN" />
    				<user name="superadmin" password="superadmin" authorities="ROLE_SUPERADMIN" />
    			</user-service>
    		</authentication-provider>
    	</authentication-manager>

    The problem is that these users are like the my Person objects. I have my Person objects in a table. The users I declare in security.xml does not end up in my "Person table" in my DB.

    So if I do for example this

    Code:
    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    
    		String username;
    		if (principal instanceof Person) {
    			username = ((Person) principal).getFirstName();
    		} else {
    			username = principal.toString();
    		}
    The users declared in the security.xml cant be used like this. How do I create my very First person object? I would like to remove the lines that declares roles in the web.xml but I need a Person to sign in with.

    We are using Hibernate/Postgres.

    Thanks

  • #2
    I'm not sure I'm answering your question of how to create the very first person object - in my application that is done outside of Spring in setup code - in fact just running a series of SQL commands creates the 'person' objects. The application itself then has the ability for users to change their own passwords.

    The Spring XML you have shown for authentication does not go to the database objects, which is I think what you would need to be doing:

    Code:
        <authentication-manager>
          <authentication-provider ref="myDaoAuthenticationProvider"/>   
        </authentication-manager>       
    
        <bean id="myDaoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
            <property name="userDetailsService">
                <ref local="myJdbcDaoImpl"/>
            </property>
        </bean>      
    
        <bean id="myJdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
            <property name="dataSource">
                <ref local="myDataSource"/>
            </property>
            <property name="usersByUsernameQuery">
                <value>SELECT USERNAME, PASSWORD,'true' as enabled FROM user WHERE USERNAME = ?</value>
            </property>
            <property name="authoritiesByUsernameQuery">
                <value>select U.username, A.rolename as authority
                from User U, Authority A
                where A.user_fk = U.username
                       and U.username = ?</value>
            </property>
        </bean>
    I've left out myDataSource, but you can put in your own.

    Comment

    Working...
    X