I just want to ask if it is possible to use other properties excluding username & password of a domain class for logging in?
For example I have a Person domain class that has a one-to-one relationship to Account domain class. And I want to authenticate my user using their firstName & birthDate properties found in Person domain class.
Is there a configuration that I can do to make this possible?
はい。それは可能です。
カスタマイズした を作成するauthentication-provider必要があり、その中で認証を行うために好きなパラメーターを使用できます。
例として、次のようなものがあります。
public class MyUserDetailsService implements UserDetailsService{
@Override
public UserDetails loadUserByUsername(String username){
//You have to override this method to have your desired action
//If those criteria are not satisfied you may return null
//Otherwise have an UserDetails filled and returned
org.springframework.security.core.userdetails.User userDetails = new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), user.getIsActive(), true, true, true, getAuthorities(user));
return userDetails
}
Bean 構成では、次のauthentication-providerように独自のものを使用します。
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider user-service-ref="myUserDetailsService"/>
</sec:authentication-manager>