Courses
Sections
Projects
Wiki
News
Forums
Surveys
Mailing Lists| Author | Message |
|---|---|
|
lmann2
Posts: 156
|
Posted 18:16 Mar 02, 2015 |
Hi all, The statement generated by Spring Security when you use the generic <security:jdbc-user-service data-source-ref="dataSource" /> creates a statement that searches the authorities table by the username (not user_id). I see in CSNS that you've created a custom login authentication process <security:authentication-provider user-service-ref="userService"> and then later add <security:remember-me data-source-ref="dataSource"/> (though i'm not sure why as userService seems to add user to the model maps...do you use this to add the user to the session scope?). My question is, if we decide that our authorities table should not have a (var char) column called username (and instead has user_id) how do we change the sql statement that searches for user roles? Or is it better form create our own user authentication process? |
|
cysun
Posts: 2935
|
Posted 18:48 Mar 02, 2015 |
Read the lecture notes. There's an example there that customizes <jdbc-user-service>. |
|
lmann2
Posts: 156
|
Posted 19:04 Mar 02, 2015 |
Should we use aliases in the select statement if we override: select username, authority from authorities where username = ? or can spring security still identify them without the actual name being "username" or "authority"
|
|
cysun
Posts: 2935
|
Posted 19:06 Mar 02, 2015 |
Just try it. My guess is that you need to use aliases, but it's also possible that it would assume the first result column to be username and the second one authority. |
|
lmann2
Posts: 156
|
Posted 19:16 Mar 02, 2015 |
You don't need to use alias. |
|
cysun
Posts: 2935
|
Posted 19:17 Mar 02, 2015 |
Good to know. |
