我敢打赌,你已经解决你的问题,但也许这可以帮助别人......
1的配置应用程序
您需要添加您自己的实施UserDetailsService。
用户实体
public class CustomUserDetail extends org.springframework.security.core.userdetails.User {
public CustomUserDetail(String username, String password, Collection<? extends GrantedAuthority> authorities) {
super(username, password, authorities);
}
}
3- UserRepository
执行
public class AppConfig extends WebMvcAutoConfiguration {
...
@Bean
public UserSecurityService userSecurityService() {
return new UserSecurityService();
}
...
}
2-
@Component public class UserRepository extends CouchDbRepositorySupport<User> { ... @View(name = "findUserByUsername", map = "function(doc) { if (doc.docType == 'User') emit(doc.username, doc._id) }") public User findUserByUsername(String username) { return queryViewReturnSingleEntity("findUserByUsername",username); } ... }
4- 的UserDetailsService,UserSecurityService
public class UserSecurityService implements UserDetailsService {
@Autowired
private UserRepository userRepo;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException
{
//Spring user
UserDetails userDetails = null;
//CouchDB Object
User user = userRepo.getByUsername(username);
List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
String rol = user.getRol();
grantedAuths.add(new SimpleGrantedAuthority(rol));
if(user != null){
//Spring user implementation
userDetails = new CustomUserDetail(user.getUsername(), user.getPassword(), grantedAuths);
}
if (userDetails == null) {
throw new UsernameNotFoundException("User not found");
}
return userDetails;
}
}
5最后,你必须扩展GlobalMethodSecurityConfiguration
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
return expressionHandler;
}
}
惠特这一切,现在你可以添加:
@PreAuthorize("hasRole('ROLE_SUPER_USER')")
为了验证关于用户角色的访问。
你能改说吗?我发现很难看到要问什么。 – 2010-09-23 11:16:28
有什么好的教程来实现CouchDB的Spring Security Core? – 2014-01-26 06:20:27
@ code4jhon如果你仍然需要它我回答这个问题,它可能会帮助:) – gonzalon 2015-07-17 06:23:46