我是Spring安全新手,所以我遵循了一些教程,但我无法理解角色的结构如何真正起作用。我有两个表,一个是用户:Spring Security在注册时设置角色
@Entity
@Table(name = "UserProfile", schema = "dbo", catalog = "DevTestTeam")
public class UserProfileEntity implements UserDetails{
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id", nullable = false)
private long id;
@Column(name = "enabled", nullable = false)
private boolean enabled;
@NotEmpty(message = "Enter a password.")
@Size(min = 6, max = 15, message = "Password must be between 6 and 15 characters.")
@Column(name = "password", nullable = true, length = 100)
private String password;
@NotEmpty(message = "Enter a username.")
@Size(min = 6, max = 20, message = "Username must be between 6 and 20 characters.")
@Column(name = "username", nullable = true, length = 20, unique = true)
private String username;
@OneToOne
@JoinColumn(name = "role_id")
private RoleEntity role;
public RoleEntity getRole() {
return role;
}
public void setRole(RoleEntity role) {
this.role = role;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
return authorities;
}
,一个用于角色:创建一个新用户时
@Entity
@Table(name = "Role", schema = "dbo", catalog = "DevTestTeam")
public class RoleEntity {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id", nullable = false)
private long id;
@Column(name = "name", nullable = true, length = 255)
private String name;
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
我的困惑来了。我有一个由UserProfileEntity对象支持的注册表单,并填充了用户名和密码。然后显然很容易setEnabled()= true(为了清晰起见,我将一些getter/setter放在了这个代码之外)。
我的问题是如何在实例化UserProfileEntity时将角色设置为保存在数据库中。我的role_id外键只需要一个整数并从角色表中返回角色,但我不确定如何在实例化时表达这一点。我在角色表中有一个ROLE_USER,ID为1,我觉得这很容易实例化,但我找不到我要找的答案。
UserImpl:
@Service
public class UserProfileServiceImpl implements UserProfileService{
@Autowired
private UserProfileDao userDao;
@Override
public UserProfileEntity findByUser(String username) {
return userDao.findByUsername(username);
}
@Override
public List<UserProfileEntity> findAll() {
List<UserProfileEntity> list = userDao.findAll();
return list;
}
@Override
public UserProfileEntity save(UserProfileEntity persisted) {
userDao.save(persisted);
return null;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserProfileEntity user = userDao.findByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("User not found.");
}
return user;
}
}
太棒了,谢谢你的建议和不同的选择。今天早上我会和他一起工作,看看我能想出什么。 –
添加了我的Impl类供参考,看起来与您的建议非常相似。 –
感谢您的帮助,我最终使用了您建议的第一种方法,并为我的RoleEntity制作了一个Dao。也感谢你解释你的答案,这个Spring安全性的世界非常深,但我现在明白了很多。 –