Step by step login example using spring security 3.0 with hdbc

17,790

Solution 1

It's just a matter of taking your time to read the Security namespace configuration

Here are some other resources I found useful when I was figuring this out:

Basically you are asking for a complete tutorial. It's better to ask about specific problems you encounter and show us what you have tried (creating two tables is a bit meagre).

And one more thing: configuring security, even with Spring, is NOT dirt simple. You have to learn about the implications of decisions you make regarding password hashing & salting, password recovery schemes and remember-me functionality to name a few common pitfalls. Also the choice of which pages/paths to secure (intercept-urls) has to be made wisely. This depends on the type of application and the context in which it runs.

Solution 2

A step by step example can be found in the spring pet clinic tutorial.

However.

You just need to implement your own UserDetailsService and inject it into your security context.

This is a good howto on implementing it.

Share:
17,790
Raje
Author by

Raje

?

Updated on June 27, 2022

Comments

  • Raje
    Raje over 1 year

    I am new to Spring and Spring Security. I just need a pointer in the right direction:

    I have a simple Spring MVC/Spring Security webapp. I want to add login functionality into web app. I have created following two table.

    CREATE TABLE "users" (
      "USER_ID" NUMBER(10)  NOT NULL,
      "USERNAME" VARCHAR(45) NOT NULL,
      "PASSWORD" VARCHAR(45) NOT NULL,
      "ENABLED" NUMBER(1) NOT NULL,
      PRIMARY KEY ("USER_ID")
    )
    
    
    CREATE TABLE "user_roles" (
      "USER_ROLE_ID" NUMBER(10)  NOT NULL,
      "USER_ID" NUMBER(10)  NOT NULL,
      "AUTHORITY" VARCHAR(45) NOT NULL,
      PRIMARY KEY ("USER_ROLE_ID"),
      CONSTRAINT "FK_user_roles" FOREIGN KEY ("USER_ID") REFERENCES "users" ("USER_ID")
    ) 
    

    I want to authenticate user from database then it checks role of the user. I know this is dirt simple, so I just need to hear how the process should flow.