之前添加了SS3作为系统的权限验证框架,但用户却是在SS的配置文件中直接配置的。作为一个优秀的组件,SS当然也支持自定义用户。
1、自定义表结构
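-- User table.
-- NOTE(review): USERNAME has neither a NOT NULL nor a unique constraint, although the login
-- code on this page looks accounts up by user name; duplicate names would make the lookup ambiguous.
create table T_SYS_USER
(
  ID            NUMBER not null primary key,
  USERNAME      VARCHAR2(50),
  -- NOTE(review): store only a salted password hash in this column, never the clear-text password.
  -- 50 characters is too short for a bcrypt hash string (60 characters); widen the column
  -- before switching to hashed storage.
  PASSWORD      VARCHAR2(50),
  FULLNAME      VARCHAR2(100),
  DEPARTMENT_ID NUMBER
);

-- Role table.
create table T_SYS_ROLE
(
  ID          NUMBER not null primary key,
  NAME        VARCHAR2(20) not null,
  DESCRIPTION VARCHAR2(100)
);

-- User/role association table.
create table T_SYS_USER_ROLE
(
  USER_ID NUMBER not null,
  ROLE_ID NUMBER not null
);

-- The original listing omitted the "alter table" clause on the primary-key statement.
alter table T_SYS_USER_ROLE
  add constraint PK_USER_ROLE primary key (USER_ID, ROLE_ID);
alter table T_SYS_USER_ROLE
  add constraint FK_SYS_USER foreign key (USER_ID) references t_sys_user (ID);
alter table T_SYS_USER_ROLE
  add constraint FK_SYS_ROLE foreign key (ROLE_ID) references t_sys_role (ID);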
2、创建实体类User.java,对应于用户表,使其实现UserDetails接口
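/**
 * JPA entity mapped to T_SYS_USER that also serves as the Spring Security principal
 * by implementing {@link UserDetails}.
 */
@Entity
@Table(name="T_SYS_USER")
public class User implements Serializable, UserDetails {
    private static final long serialVersionUID = 1L;

    @Id
    @GeneratedValue(strategy=GenerationType.SEQUENCE, generator="SEQ_USER")
    @SequenceGenerator(name="SEQ_USER", sequenceName="SEQ_USER")
    private Long id;
    private String username;
    // Value the framework compares against the submitted password at login.
    // NOTE(review): this should hold a salted hash, never the clear-text password.
    private String password;
    private String fullname;

    // NOTE(review): CascadeType.ALL includes delete. Role.users carries the same cascade, so
    // deleting one user can propagate to its roles and from there to other users. Confirm that
    // a narrower cascade is not what is wanted for a many-to-many association.
    @Cascade(value={CascadeType.ALL})
    @ManyToMany(fetch = FetchType.LAZY)
    @JoinTable(
        name = "T_SYS_USER_ROLE",
        joinColumns = { @JoinColumn(name = "USER_ID", referencedColumnName = "ID", nullable = false) },
        inverseJoinColumns = { @JoinColumn(name = "ROLE_ID", referencedColumnName = "ID", nullable = false) })
    private Set<Role> roles;

    ......(各种get,set方法)

    /**
     * Returns the user's roles as a new list of granted authorities.
     *
     * <p>Copying the set iterates it, which also initializes the lazily fetched
     * {@code roles} collection if it has not been loaded yet.
     *
     * @return a fresh list of the assigned roles; empty when no role set has been assigned
     */
    @Override
    public Collection<GrantedAuthority> getAuthorities() {
        Set<Role> assigned = getRoles();
        // A User that was never loaded or populated has no role set; report "no authorities"
        // instead of failing with a NullPointerException inside the ArrayList constructor.
        if (assigned == null) {
            return new ArrayList<GrantedAuthority>();
        }
        return new ArrayList<GrantedAuthority>(assigned);
    }

    /**
     * Always reports the account as not expired.
     *
     * <p>NOTE(review): T_SYS_USER has no expiry column, so accounts can never expire here.
     */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /**
     * Always reports the account as not locked.
     *
     * <p>NOTE(review): with a constant {@code true}, an account cannot be locked, for example
     * after repeated failed logins.
     */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /**
     * Always reports the credentials as not expired.
     *
     * <p>NOTE(review): with a constant {@code true}, no password expiry can be enforced.
     */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * Always reports the account as enabled.
     *
     * <p>NOTE(review): with a constant {@code true}, an account can only be blocked by
     * deleting it or changing its password; consider backing this with a column.
     */
    @Override
    public boolean isEnabled() {
        return true;
    }
}
创建实体类Role.java,对应于角色表,并使其实现GrantedAuthority 类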
/**
 * JPA entity mapped to T_SYS_ROLE. Each role is handed to Spring Security as a
 * {@link GrantedAuthority} whose authority string is the role name.
 */
@Entity
@Table(name="T_SYS_ROLE")
public class Role implements Serializable, GrantedAuthority {
    private static final long serialVersionUID = 1L;

    @Id
    @GeneratedValue(strategy=GenerationType.SEQUENCE, generator="SEQ_ROLE")
    @SequenceGenerator(name="SEQ_ROLE", sequenceName="SEQ_ROLE")
    private Long id;
    // Role name; getAuthority() returns it as the authority string.
    private String name;
    private String description;

    // Inverse side of the User.roles association (mappedBy = "roles").
    // NOTE(review): CascadeType.ALL includes delete, so removing a role can cascade to every
    // user that holds it. Confirm that this is intended.
    @Cascade(value={CascadeType.ALL})
    @ManyToMany(mappedBy = "roles", fetch = FetchType.LAZY)
    private Set<User> users;

    ......(各种get,set方法)

    /**
     * Returns the authority string checked by Spring Security, which is the value of
     * {@code getName()}.
     *
     * @return the role name
     */
    @Override
    public String getAuthority() {
        return getName();
    }
}
3、UserServiceImpl类实现UserDetailsService类的loadUserByUsername方法
/**
 * Looks up the account for a login attempt.
 *
 * <p>The exception message echoes the submitted user name. Keep it out of anything shown to
 * the client, so that the login form does not reveal which accounts exist.
 *
 * @param username the user name submitted at login
 * @return the matching {@code User}, with its authorities already read once
 * @throws UsernameNotFoundException if {@code userDao} returns no user for the name
 * @throws DataAccessException declared for data-access failures
 */
@Override
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    final User found = userDao.loadUserByName(username);
    if (found != null) {
        // The result is discarded on purpose: reading the authorities copies the lazily
        // fetched role set, which initializes it before the user object is returned.
        found.getAuthorities();
        return found;
    }
    log.warn("Login Error : user not found...");
    throw new UsernameNotFoundException("Login Error : " + username + " not found!");
}
4、修改SS配置文件
<authentication-manager>
    <!-- No password-encoder child element is declared in this snippet, so Spring Security 3
         compares the submitted password with the stored T_SYS_USER.PASSWORD value as plain text.
         Declare a password encoder here and store only salted hashes before using this
         configuration with real accounts. -->
    <authentication-provider user-service-ref="UserService">
    </authentication-provider>
</authentication-manager>
这样,SS框架便会使用UserService类的loadUserByUsername方法来进行用户身份验证
5、插入数据到数据库进行测试
角色表应该至少要保证有ROLE_USER跟ROLE_ADMIN两个角色