Confused about UserDetails

**TerpInMD** · Feb 19th, 2007, 07:54 PM

So I have the inMemory security working fine. Now I want to authenticate through users stored in the database. Am I correct in that I need to use the UserDetails interface?

Is the basic idea that you query your dB based on the user name? If it exists do you return the User object?

Any help to get me back on track is appreciated. Thanks!

**nmcloughlin** · Feb 19th, 2007, 10:35 PM

The easiest way to do it is to create your own User class and have it implement the UserDetails interface. Then your DAO implements UserDetailsService which requires you to implement the loadUserByUsername method. This method should return your User object.

**karldmoore** · Feb 20th, 2007, 02:49 AM

You do need to implement a UserDetailsService to load users by username. You don't have to start from stratch however as the JdbcDaoImpl might be of use to you. You can simply inject in the query required for your schema. If you do want to create your own UserDetailsService however, you can either return the existing User object type, or create your own by implementing the UserDetails interface.
http://www.acegisecurity.org/multipr...lsService.html
http://www.acegisecurity.org/multipr...erDetails.html
http://www.acegisecurity.org/multipr...ails/User.html

**TerpInMD** · Feb 20th, 2007, 10:20 AM

Thanks,

I found something on the forum that told me how to do it. Basically I set up the hibernate query to return my user object then passed the password to the Acegi user object that is returned by UserDetails loadUserByUsername which I assume verifies the login attemp. It seems to be working like a charm.

**karldmoore** · Feb 20th, 2007, 01:38 PM

Fantasic, glad you've got it working. Out of interest what was the thread you found to get up and running?

**danieljsanders** · Feb 20th, 2007, 07:36 PM

I'd also be interested in knowing how to do this programmatically. I have this working in my login scenario through:

protected final UserDetails retrieveUser(String username,
UsernamePasswordAuthenticationToken authentication)
throws AuthenticationException

but i'd also like to be able to programmatically (in a different flow) add the UserDetails to the security context...

EDIT: never mind, realized i need to implement AbstractAuthenticationToken...

**TerpInMD** · Feb 20th, 2007, 08:10 PM

Originally Posted by karldmoore

Fantasic, glad you've got it working. Out of interest what was the thread you found to get up and running?

Actually it was one of your responses when you linked someone to:

http://www.acegisecurity.org/multipr...bcDaoImpl.html

So thanks again!

**karldmoore** · Feb 21st, 2007, 02:24 AM

Originally Posted by TerpInMD

Actually it was one of your responses when you linked someone to:
http://www.acegisecurity.org/multipr...bcDaoImpl.html

Not a problem..... again

. Glad it was some use to someone!

Thread: Confused about UserDetails

Thread Tools

Display

Confused about UserDetails

Posting Permissions