http://static.springsource.org/spring-security/site/docs/3.0.x/reference/springsecurity-single.html#digest-processing-filter
Implement UserDetailsService
http://static.springsource.org/spring-security/site/docs/3.0.x/reference/springsecurity-single.html#d0e1613
<http create-session="never" entry-point-ref="digestEntryPoint" use-expressions="true">
<intercept-url pattern="/<urls>/**" access="isAuthenticated()" />
<custom-filter ref="digestFilter" position="BASIC_AUTH_FILTER" />
</http>
<bean id="userDetailsService" class="CustomUserDetailsService">
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailsService">
</authentication-provider>
</authentication-manager>
Create user for the application and return with a standard role
example:
class CustomUserDetailsService {
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
if(username.equals("AppUser") {
//load password from database/configuration file
return new
User("AppUser", String password, true, true, true, true, Arrays.asList(
new GrantedAuthorityImpl("AdminRole")))();
}
return null;
}
}
No comments:
Post a Comment