1

My Spring-Security implementation for http-digest: Code:

<bean id="digestFilter" class="org.springframework.security.web.authentication.www.DigestAuthenticationFilter">
      <property name="userDetailsService" ref="userService"/>
      <property name="authenticationEntryPoint" ref="digestEntryPoint"/>
    </bean>

========================================================================

<security:authentication-manager alias="authenticationManager">
      <security:authentication-provider ref="inMemoryAuthenticationProvider"/>
   </security:authentication-manager>

========================================================================


<bean id="inMemoryAuthenticationProvider"
         class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
      <property name="hideUserNotFoundExceptions" value="false"/>
     <property name="userDetailsService" ref="inMemoryUserService"/> 
      <property name="messageSource" ref="messageSource"/>
   </bean>

========================================================================


<security:user-service id="inMemoryUserService">
        <security:user name="user" password="user" authorities="ROLE_USER"/>                
        <security:user name="admin" password="admin" authorities="ROLE_ADMIN"/>
        <security:user name="invitado" password="invitado" authorities="ROLE_INVITADO"/>
    </security:user-service>

I'm trying to customize it to obtain user data from a database. I tried to access from the Interface class UserDetailsService. Code:

public class CustomUserDetailsService implements UserDetailsService {

    @Override
    public UserDetails loadUserByUsername(String arg0)
            throws UsernameNotFoundException {

        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));

        return new User(
                "pepe", 
                "psw",
                true,
                true,
                true,
                true,
                authorities);
    }

}

This does not work because the label when implementing security: user-service, no class attributes.

Any ideas?, How to access a database of users?

user1358518
  • 93
  • 2
  • 13
  • Your question isn't very clear. Have you created bean of your `CustomUserDetailsService`? – Aleksandr M Jun 11 '13 at 20:53
  • Hello, this is the xml configuration works, but users are hadcoding. Users need to access a bbdd, my idea for this access is the class CustomUserDetailsService – user1358518 Jun 13 '13 at 07:05

1 Answers1

1

The <user-service> tag is used to define users explicitly in the spring configuration file. It does not allow to specify your own UserDetailsService implementation.

To use your CustomUserDetailsService, all you have to do is to remove the <user-service> tag and replace it by your custom UserDetailsService like this : 

<bean id="inMemoryUserService" class="you.package.CustomUserDetailsService"/>

And then you should be able to log in with pepe:psw .

baraber
  • 3,296
  • 27
  • 46