Announcement Announcement Module
Collapse
No announcement yet.
Confused about UserDetails Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Confused about UserDetails

    So I have the inMemory security working fine. Now I want to authenticate through users stored in the database. Am I correct in that I need to use the UserDetails interface?

    Is the basic idea that you query your dB based on the user name? If it exists do you return the User object?

    Any help to get me back on track is appreciated. Thanks!

  • #2
    The easiest way to do it is to create your own User class and have it implement the UserDetails interface. Then your DAO implements UserDetailsService which requires you to implement the loadUserByUsername method. This method should return your User object.

    Comment


    • #3
      You do need to implement a UserDetailsService to load users by username. You don't have to start from stratch however as the JdbcDaoImpl might be of use to you. You can simply inject in the query required for your schema. If you do want to create your own UserDetailsService however, you can either return the existing User object type, or create your own by implementing the UserDetails interface.
      http://www.acegisecurity.org/multipr...lsService.html
      http://www.acegisecurity.org/multipr...erDetails.html
      http://www.acegisecurity.org/multipr...ails/User.html

      Comment


      • #4
        Thanks,

        I found something on the forum that told me how to do it. Basically I set up the hibernate query to return my user object then passed the password to the Acegi user object that is returned by UserDetails loadUserByUsername which I assume verifies the login attemp. It seems to be working like a charm.

        Comment


        • #5
          Fantasic, glad you've got it working. Out of interest what was the thread you found to get up and running?

          Comment


          • #6
            I'd also be interested in knowing how to do this programmatically. I have this working in my login scenario through:

            protected final UserDetails retrieveUser(String username,
            UsernamePasswordAuthenticationToken authentication)
            throws AuthenticationException

            but i'd also like to be able to programmatically (in a different flow) add the UserDetails to the security context...

            EDIT: never mind, realized i need to implement AbstractAuthenticationToken...
            Last edited by danieljsanders; Feb 20th, 2007, 09:18 PM.

            Comment


            • #7
              Originally posted by karldmoore View Post
              Fantasic, glad you've got it working. Out of interest what was the thread you found to get up and running?






              Actually it was one of your responses when you linked someone to:

              http://www.acegisecurity.org/multipr...bcDaoImpl.html


              So thanks again!

              Comment


              • #8
                Originally posted by TerpInMD View Post
                Actually it was one of your responses when you linked someone to:
                http://www.acegisecurity.org/multipr...bcDaoImpl.html
                Not a problem..... again . Glad it was some use to someone!

                Comment

                Working...
                X