UserDetailsService provides a single method that can be integrated with any of your authentication credential data stores:
public interface UserDetailsService {
UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException;
}
loadUserByUsername should return UserDetails. The details of the UserDetails interface are as follows:
public interface UserDetails extends Serializable {
Collection << ? extends GrantedAuthority > getAuthorities();
String getPassword();
String getUsername();
boolean isAccountNonExpired();
boolean isAccountNonLocked();
boolean isCredentialsNonExpired();
boolean isEnabled();
}
Spring Security also provides a default UserDetailsService service to talk to a relational database. It assumes a default schema. Two tables need to be created, adhering to a specific structure—users and authorities:
public class JdbcDaoImpl extends JdbcDaoSupport
implements UserDetailsService, MessageSourceAware {
public static final String DEF_USERS_BY_USERNAME_QUERY
= "select username,password,enabled " +
"from users " + "where username = ?";
public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY
= "select username,authority " +
"from authorities " + "where username = ?";
public static final String DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY
= "select g.id, g.group_name, ga.authority " +
"from groups g, group_members gm, group_authorities ga " +
"where gm.username = ? " + "and g.id = ga.group_id " +
"and g.id = gm.group_id";
}
You can also provide your own custom queries using the set methods in JdbcDaoImpl:
public void setAuthoritiesByUsernameQuery(String queryString)
public void setGroupAuthoritiesByUsernameQuery(String queryString)
public void setUsersByUsernameQuery(String usersByUsernameQueryString)