Announcement Announcement Module
Collapse
No announcement yet.
Fixed role by userDetailsService Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fixed role by userDetailsService

    Hello

    i want to set a fixxed role by userDetailsService while i using a JdbcDaoImpl.
    So i want to use the username and password i get from a table but i don't want to use the authorities option from JdbcDaoImpl.

    is there some way i can realize this without reverence to a table but set it fixed to ROLE_CUSTOMER for example.

    Code:
    <b:bean id="authenticationDao2" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl" >
            <b:property name="dataSource"><b:ref bean="dataSource"/></b:property>
            <b:property name="usersByUsernameQuery">
                <b:value>select login, password, 1 from users where login = ?</b:value>
            </b:property>
            <!--  do something here to set a fixed authoritie -->
    </b:bean>
    
    <b:bean id="daoAuthenticationProvider2" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
    	<b:property name="userDetailsService"><b:ref local="authenticationDao2"/></b:property>
    	<custom-authentication-provider/>
    </b:bean>
    thx

  • #2
    hello,

    You should extend the JdbcDaoImpl and override the AddCustomAuthorities method.

    Regards,
    Davy

    Comment


    • #3
      mm i don't understand it
      i know how to extend de JdbcDaoImpl. but how can i use addCustomAuthorities so he always use ROLE_CUSTOMER ?

      something like this:

      Code:
      public class jdbcDaoImplExtended extends JdbcDaoImpl{
      
             protected void addCustomAuthorities(String username, List authorities) {
      		ArrayList<String> aut = new ArrayList();
      		aut.add("ROLE_CUSTOMER");
      		super.addCustomAuthorities(username, aut);
      	}
      }
      and what must i fill in by :

      Code:
       <b:property name="authoritiesByUsernameQuery">
                  <b:value>???</b:value>
              </b:property>
      thx
      Last edited by michel; Jul 1st, 2009, 08:41 AM.

      Comment


      • #4
        hello,

        i thought you want the authorities functionality ofJdbcDaoImpl, but also wanted every user to have a specific role "ROLE_CUSTOMER"

        Then you extend the JdbcDaoImpl and override the method addCustomAuthorities, which is a hook method.

        the implementation would be something like:

        Code:
        protected void addCustomAuthorities(String username, List authorities) {
        authorities.add(new GrantedAuthorityImpl("ROLE_CUSTOMER"));
        }
        But now i understand that you want the users only to have always the role "ROLE_CUSTOMER".

        To prevent the JdbcDaoImpl from loading the authorities you could set the "enableAuthorities" property to false.

        But unfortunately, the initDao method asserts that either enableAuthorities is true, or enableGroups is true.

        So in your implementation you should also override the initDao method: (i just removed the assertion)

        Code:
           protected void initDao() throws ApplicationContextException {
                initMappingSqlQueries();
            }
        this gives you:

        Code:
        public class jdbcDaoImplExtended extends JdbcDaoImpl{
        
        protected void initDao() throws ApplicationContextException {
        initMappingSqlQueries();
        }
        protected void addCustomAuthorities(String username, List authorities) {
        authorities.add(new GrantedAuthorityImpl("ROLE_CUSTOMER"));
        }
        }
        and then you add the following property to your configuration:

        Code:
        <b:property name="enableAuthorities">
                    <b:value>false</b:value>
         </b:property>
        Regards

        Comment


        • #5
          thx for your great helpand the examples.

          i implements the code you give. but the function initMappingSqlQueries();
          is not longer a protected function because he is not available in

          org.springframework.security.userdetails.jdbc.Jdbc DaoImpl

          without the override function initDao i get actually the error message:

          Use of either authorities or groups must be enabled.

          so you are right with that.

          do you have a idea to bypass this check on a other way or a way how i can user the private function initMappingSqlQueries();

          for the moment i make my own JdbcDaoImpl class. but i think there must be a smarter way.

          thx again

          p.s. Do you know the reason why they make initMappingSqlQueries private?
          Last edited by michel; Jul 2nd, 2009, 04:26 AM.

          Comment


          • #6
            mmm, i don't know.

            But you could try a sort of sql trick:

            in mssql i can do:

            Code:
            SELECT login AS username, 'ROLE_CUSTOMER' AS authority FROM users WHERE login = ?
            So you could try the following definition:

            Code:
            <b:bean id="authenticationDao2" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl" >
                    <b:property name="dataSource"><b:ref bean="dataSource"/></b:property>
                    <b:property name="usersByUsernameQuery">
                        <b:value>select login, password, 1 from users where login = ?</b:value>
                    </b:property>
                    <b:property name="authoritiesByUsernameQuery">
                        <b:value>SELECT login AS username, 'ROLE_CUSTOMER' AS authority FROM users WHERE login = ?</b:value>
                    </b:property>
            </b:bean>
            another option is to override the method loadUserAuthorities and return an empty list.

            Comment


            • #7
              mm that is also an idea.

              but i hold it by my own solution. so i can set some more things in the xml

              but thanks a lot for your quick response. you safeted my day

              Comment

              Working...
              X