Mark, Do I really have to use the user-by-username-query query ?You just have to make sure that the user-by-username-query returns three fields.
I cleaned up the method to populate the user object but it just goes back to the login page
Jay Abrahm wrote: Mark, Do I really have to use the user-by-username-query query ?
If you already have a authentication code, can you explain why you are using Spring Security again?
The UserDetailsService class is only used to load User data for Authentication. Authorization is a different piece all together.
So now we know enough information. You want to use SiteMinder for the user data. So a Google search has shown me this
Prasad Krishnegowda wrote:
In the above, the Parameter arg0, is the username entered by the user, you can execute the query to search from the database using this username, and you can return an User object, by adding all the required details like password and roles for this user, Spring security will take it on from here..
Prasad Krishnegowda wrote:Geeta,
UserDetails is an interface provided by spring, see this http://docs.spring.io/spring-security/site/docs/3.0.x/apidocs/org/springframework/security/core/userdetails/UserDetails.html.
What we should do is, implement this interface, and set the password, see the interface, it has methods to set username, password and role(authorities) and other options like accountExpired and so on.
The arg0 gives us the username in the above method, use this username and populate the password and role(authorities) for this user.
Yes, the password here should be the one, which user enters while logging in. You can get it from database or hardcode it, it's up to you.
P:S: This is an old post, if you still have any problem, please create a new thread, we can see that from there.
It runs on an internal combustion engine. This ad does not:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
|