问题描述

我一直在寻找到使用Spring Security的我的web应用程序的认证/授权（这将基于JDBC）。

I've been looking into using Spring Security for the authentication/authorization of my web application (this will be JDBC based).

然而，一个核心组成部分似乎是从我的角度排除在外。我如何注册/创建新用户？是否有一个现成的API为何？

However, a core component seems to be left out from my perspective. How do I register/create new users? Is there an out of the box API for that?

我需要从头开始编写用户注册和管理？
的事情，我需要做的包括：
- 注册一个新用户
- 重新设置密码
- 电子邮件发送一个用户激活他们的帐户
- 通过电子邮件发送用户重置自己的帐户

Do i need to write user registration and management from scratch?Things i need to do include:- Registering a new user- Resetting passwords - Emailing a user to activate their account- Emailing a user to reset their account.

感谢您提前。

推荐答案

我使用Spring Security在我的项目。该框架没有为用户创建或注册的API，你问。对于春季安全是通用并在多个框架可用，可你必须编写自定义code之前只需要你这么远。你真的无法获取有关框架或工具使用，因为此时你只需要使用您已经使用反正框架更具体的答案。

I use Spring Security on my project. The framework does not have an API for user creation or registration as you asked. For Spring Security to be generic and usable across multiple frameworks, it can only take you so far before you have to write custom code. You can't really get a more specific answer about a framework or tool to use because at this point you will just use the frameworks you are already using anyway.

如果你已经将它设置为使用用户和角色在你的数据库，从数据访问层，你会在该记录创建在用户表中的记录或更新密码（pferably存储为哈希$ P $） 。而作为亚拉文说，春节确实提供

If you've set it up to use users and roles in your database, from your data access layer you would create a record in the user table or update a password (preferably stored as a hash) in that record. And as Aravind said, Spring does provide email support.

如果你真的想看到做这件事：我使用Spring MVC中，JSP和Hibernate。我使用Spring的表单标签在JSP到一个新的用户表单绑定到一个Person对象，而我的控制器方法传递的Person对象以吾道坚持它。

If you really want to see one way to do it: I'm using Spring MVC, JSP, and Hibernate. I use Spring's form tags in a JSP to bind a new user form to a Person object, and my controller method passes that Person object to my Dao to persist it.

控制器方法签名看起来像这样...

The controller method signature looks like this...

@RequestMapping(value = "/newUser", method = RequestMethod.POST)
public ModelAndView createNewUser(final @Valid @ModelAttribute Person user,
                                  final BindingResult result,
                                  final SessionStatus status,
                                  final @RequestParam(value = "unencodedPassword", required = true) String password) {
        ...
        user.getRoles().add(new Role(user, Role.APPLICATION_ROLE.ROLE_USER));
        userDao.createNewUser(user);
        ...
}

和我PersonDao的会使用Hibernate的坚持，像这样的用户

and my PersonDao would use Hibernate to persist the user like so

@Transactional
public void createNewUser(Person user)
{
    Session session = sessionFactory.getCurrentSession();
    session.save(user);
    session.flush();
}

这篇关于Spring Security的用户账号注册，创建和管理的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！