spring_security api解读.docVIP

用户相关的信息是通过org.springframework.security.core.userdetails.UserDetailsService接 口来加载的。该接口的唯一方法是loadUserByUsername(String username)，用来根据用户名加载相关的信息。这个方法的返回值是org.springframework.security.core.userdetails.UserDetails接口类型，其中包含了用户的信息，包括用户名、密码、权限。是否启用、是否锁定、是否过期等。其中最重要的是用户权限，由org.springframework.security.core.GrantedAuthority接口来表示。虽然Spring Security内部的设计和实现比较复杂，但是一般情况下，开发人员只需要使用它默认提供的实现就可以满足绝大多数情况的需求，而且只需要简单的配置声明即可。 使用数据库加载用户信息的时候，所生成的实体类必须有一些基本的信息，这个是框架的约定，这个约定是通过定义UserDetails接口来实现的，也就是你要用我这个框架，那么你就必须给我提供这些信息。 public interface UserDetails extends HYPERLINK /j2se/1.5.0/docs/api/java/io/Serializable.html?is-external=true \o class or interface in java.io Serializable Provides core user information. Implementations are not used directly by Spring Security for security purposes. They simply store user information which is later encapsulated into HYPERLINK /spring-security/site/docs/2.0.x/apidocs/org/springframework/security/Authentication.html \o interface in org.springframework.security Authentication objects. This allows non-security related user information (such as email addresses, telephone numbers etc) to be stored in a convenient location. Concrete implementations must take particular care to ensure the non-null contract detailed for each method is enforced. See HYPERLINK /spring-security/site/docs/2.0.x/apidocs/org/springframework/security/userdetails/User.html \o class in org.springframework.security.userdetails User for a reference implementation (which you might like to extend). Concrete implementations should be immutable (value object semantics, like a String). This is because the UserDetails will be stored in caches and as such multiple threads may use the same instance. public interface UserDetailsService Defines an interface for implementations that wish to provide data access services to the HYPERLINK /spring-security/site/docs/2.0.x/apidocs/org/springframework/security/providers/dao/DaoAuthenticationProvider.html \o class in viders.dao DaoAuthenticationProv