Home/ Questions/Q 6953947
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T14:32:35+00:00

I have implemented Spring Security in my application. I have used default implementation, i.e.,

  • 0

I have implemented Spring Security in my application. I have used default implementation, i.e., I have configured it with my own parameters (DataSource, Secured Areas, etc), but I haven’t write any Custom implementation.

Now I want to capture more data from the user, that is on the same table as username and password, like company name, id, etc. However, I don’t want do use this information in order to login.

I’m not sure how to do it. From what I’ve read, it’s related to UserDetailsService. However, it seems that writing a Custom UserDetailsService would be necessary if I wanted to use this information during the login, and that’s not what I want. I just want to use this information inside the application, after the user have logged in.

Is it really related to UserDetailsServer? Is this the only file I have to modificate?

All the examples I found of custom UserDetailsService just used username and password, so I can’t understand where new data would come in.

Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Overriding the UserDetailsService is what we did.. You’ll need to implement your own UserDetailsService and your own UserDetails object:

    public class CustomService implements UserDetailsService {
   @Transactional(readOnly = true)
    public UserDetails loadUserByUsername(String username) {

        Account account = accountDAO.findAccountByName(username);

        if (account == null) {
            throw new UsernameNotFoundException("account name not found");
        }
        return buildUserFromAccount(account);
    }


    @SuppressWarnings("unchecked")
    @Transactional(readOnly = true)
    private User buildUserFromAccount(Account account) {

        String username = account.getUsername();
        String password = account.getPassword();
        boolean enabled = account.getEnabled();
        boolean accountNonExpired = account.getAccountNonExpired();
        boolean credentialsNonExpired = account.getCredentialsNonExpired();
        boolean accountNonLocked = account.getAccountNonLocked();

        // additional information goes here
        String companyName = companyDAO.getCompanyName(account);


        Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        for (Role role : account.getRoles()) {
            authorities.add(new SimpleGrantedAuthority(role.getName()));
        }

        CustomUserDetails user = new CustomUserDetails (username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked,
                authorities, company);

        return user;
    }


public class CustomUserDetails extends User{

    // ...
    public CustomUserDetails(..., String company){
         super(...);
         this.company = company;
    }

    private String company;

    public String getCompany() { return company;}

    public void setCompany(String company) { this.company = company;}
}
    • 0