Wednesday, 19 August 2009

Configuring JDBC Authentication Provider in Spring

Two simple steps to configure JDBC Authentication provider in Spring Security

1. Create a table say named users with column names username (varchar), authority(varchar),enabled (number) , the table shall have other fields also.

2. Add the appropriate entry in the security-configuration details in the xml file as below,

The authorities-by-username-query attribute ,as the name suggests is a sql select statement to select the user name and roles(authorities), Ex we shall add a role named ROLE_SUPERUSER and we can secure our web flow using the configuration in the *-flow.xml.

Common Errors :

* The system gives error if any of the username, password , authority , enabled column is missing in the table
* It gives error if the type of the column - enabled is not number.