Any guides as to setting up groups in Spring?

[digitalbanana]

Hi,

I have a web app already using spring and spring security for user based roles from pre 2.0.0 days - I would like to extend this to use the spring security groups implementation so that I can assign users to group (which have permissions).

I have checked the reference guide but there is merely mention of the functionality, not any starting point or examples.

Are there any suitable guides for this? Thanks.

[anurudda_spring]

you can add a directive in jdbc-user-service as group-authorities-by-username-query which will fetch group id, group name and authority...
Here is sample code which

Code:

<security:authentication-provider>
    	<security:password-encoder hash="md5" />
		<security:jdbc-user-service id="userService" data-source-ref="dataSource" group-authorities-by-username-query="SELECT g.id, g.group_name, ga.authority FROM groups g, group_members gm, group_authorities ga WHERE gm.username = ? AND g.id = ga.group_id AND g.id = gm.group_id"
			    users-by-username-query="SELECT username, password, enabled FROM users WHERE username = ?" 
			    authorities-by-username-query="SELECT u.username as 'username', ua.role as 'authority' FROM user_authority ua, user u WHERE ua.username = u.username AND u.username = ?"/>
    </security:authentication-provider>

cheers,
Dilan

[jpicadoba]

you can add a directive in jdbc-user-service as group-authorities-by-username-query which will fetch group id, group name and authority...
Here is sample code which

Code:

<security:authentication-provider>
    	<security:password-encoder hash="md5" />
		<security:jdbc-user-service id="userService" data-source-ref="dataSource" group-authorities-by-username-query="SELECT g.id, g.group_name, ga.authority FROM groups g, group_members gm, group_authorities ga WHERE gm.username = ? AND g.id = ga.group_id AND g.id = gm.group_id"
			    users-by-username-query="SELECT username, password, enabled FROM users WHERE username = ?" 
			    authorities-by-username-query="SELECT u.username as 'username', ua.role as 'authority' FROM user_authority ua, user u WHERE ua.username = u.username AND u.username = ?"/>
    </security:authentication-provider>

cheers,
Dilan

This is my code, but the group-authorities-by-username-query don't work fine, if you use only users-by-username-query and authorities-by-username-query work's fine.

Code:

<jdbc-user-service id="userService" data-source-ref="securityDataSource"
	   users-by-username-query="SELECT 
					  u.nombreUsuario AS Login,
					  u.password AS Password,
					  u.enabled AS Enabled
					FROM
					  dbo.bm_usuario u
					WHERE
					  u.nombreUsuario = ?"
	
	   authorities-by-username-query="SELECT 
					   u.nombreUsuario,
					    au.rol
					FROM
					  dbo.bm_usuario_roles ua
					  INNER JOIN dbo.bm_usuario u ON (ua.id_usuario = u.id_usuario)
					  INNER JOIN dbo.bm_roles au ON (ua.id_rol = au.id_rol)
					WHERE
					  u.nombreUsuario = ? "
		group-authorities-by-username-query="SELECT 
					  g.nombre,
					  a.rol
					FROM
					  dbo.bm_usuario u
					  INNER JOIN dbo.bm_grupo_usuario ug ON (u.id_usuario = ug.id_usuario)
					  INNER JOIN dbo.bm_grupo g ON (ug.id_grupo = g.id_grupo)
					  INNER JOIN dbo.bm_grupos_roles ON (g.id_grupo = dbo.bm_grupos_roles.id_grupo)
					  INNER JOIN dbo.bm_roles a ON (dbo.bm_grupos_roles.id_rol = a.id_rol)
					WHERE
					  u.nombreUsuario = ? " 
					  />

Someone has any example of using this tag: (within authentication-provider)
group-authorities-by-username-query

I take an example on site below.
http://java.dzone.com/tips/pathway-a...ring-security-

Code:

 <authentication-provider>  
<jdbc-user-service data-source-ref="dataSource"  
users-by-username-query="SELECT U.username, U.password, U.accountEnabled AS 'enabled' FROM User U where U.username=?"  
  authorities-by-username-query="SELECT U.username, R.name as 'authority' FROM User U JOIN Authority A ON u.id = A.userId JOIN Role R ON R.id = A.roleId WHERE U.username=?"/>  
 </authentication-provider>