Home/ Questions/Q 8881075
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T20:16:29+00:00

I am using spring security and for database based authentication I used following configuration

  • 0

I am using spring security and for database based authentication I used following configuration and its working fine

<authentication-manager alias="authenticationManager">
  <authentication-provider>
     <jdbc-user-service data-source-ref="dataSource"
      users-by-username-query="SELECT ...... U.email_address=?"
      authorities-by-username-query="SELECT ... U.email_address=?">
  </authentication-provider>
</authentication-manager>

now I wanted to add extra info to the session and came across Adding user to session, spring security default login, I tried it and now I have a problem.

XML says I cant use user-service-ref and jdbc-user-service combined. Is there a way to sort it out or else what I have to do if I have to use user-service-ref tag only to authenticate users? What can be the other way to add extra info say a whole Users object to the session.?

Your help will be appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    After hours of searching and experimenting I was able to do it like this.

    1. Make a new service say MyUserService that will implement org.springframework.security.core.userdetails.UserDetailsService and has annotation @Service. UserDetailsService only has one method loadUserByUserName. Implementation of this method will be in MyUserService. It will look like this.

      @Service
      public class MyUserService implements UserDetailsService {

      @Override
public UserDetails loadUserByUsername(String arg0)
        throws UsernameNotFoundException {

    MyUser user=new MyUser();
    /*get details of user and authorities from database whose username is   
            arg0 and place them in user instance */
    return user;
}

}

    2. MyUser is also a new class that implements org.springframework.security.core.userdetails.UserDetails and all its methods are implemented inside MyUser class. It will look like this.

      public class MyUser implements UserDetails {
    private static final long serialVersionUID = 1L;
/*All the variables their getter setters that you wish to store in session. And    
   implementation of all the methods of UserDetails go here.*/

 }
    3. Define a bean like this
      <bean id="customUserDetailsService" class="org.aurora.timeexpense.service.MyUserService"/>

    Where org.aurora.timeexpense.service.MyUserService is the path of my defined service that implements UserDetailsService.

    4.And Spring Security Configuration will go like this
    <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="customUserDetailsService">
    </authentication-provider>
    </authentication-manager>

    You are good to go.

    • 0