How to do authorization in spring??

A

artshelom2017-03-16 18:12:13

Spring

artshelom, 2017-03-16 18:12:13

Newbie needs help.
It is necessary that during authorization the login and password be sent to the class where it would be checked, and the role would be sent back how to do xs.
Here is my authorization code so far in xml here it is

<authentication-manager>
    <authentication-provider>
      <user-service>
        <user name="admin" password="admin" authorities="ROLE_ADMIN,ROLE_USER" />
        <user name="user1" password="user1" authorities="ROLE_USER" />
        <user name="user2" password="user2" disabled="true" authorities="ROLE_USER" />
      </user-service>
    </authentication-provider>
  </authentication-manager>

Class to test:

public class ArrayUser {
    private ArrayList<UserBean> list = new ArrayList<UserBean>();

    public ArrayUser() {
        list.add(new UserBean("ADMIN", "admin", "admin"));
        list.add(new UserBean("USER", "user", "user"));
        list.add(new UserBean("VALUE", "value", "value"));
    }
    public String returnUserList(String name, String password) {
        for (UserBean bean : list) {
            if (bean.getName().equals(name) && bean.getPassword().equals(password))
                return bean.getRole();
        }
        return null;
    }
}

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

aol-nnov, 2017-03-16
@artshelom

> the role would be sent back
to where?
here, you are authorized through spring security, after that you have a SecurityContextHolder in the context from which you can get Authentication.
After that, you can do this object getAuthorities () and get a list of the roles that are assigned to it.