整体源码还是比较简单的,通过 HashMap 存储:
<aside> 💡
用户名是不区分大小写的,不管是查询还是存储。算是一种符合「最小惊讶原则」的设计。
</aside>
JdbcUserDetailsManager:底层用的是 JdbcTemplate,不是特别方便定义用户表、角色表
使用 MyBatis 或者 Spring Data JPA(Hibernate) 的时候,直接写一个实现了 UserDetailsService 接口的实现类,然后配置一下即可,以 MyBatis 为例:
@Service
public class MyUserDetailsService implements UserDetailsService {
@Autowired
UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userMapper.loadUserByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("用户不存在");
}
user.setRoles(userMapper.getRolesByUid(user.getId()));
return user;
}
}
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
MyUserDetailsService myUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailsService);
}