Menu
What is the purpose of enable attribute of org.springframework.security.core.userdetails.User class? Should I always keep that attribute in my 'user' table and use it to populate User instances when being fetched?
322
See UserDetails interface for more details and check isEnabled() method.
Indicates whether the user is enabled or disabled. A disabled user cannot be authenticated.
The attribute is used when a user is being authenticated. If the user is disabled, Spring Security throws DisabledException exception.
However, you can implement your own AuthenticationProvider that will ignore this attribute if it is useless for you or you can set it always to true when User instances are being created.
Hence, whether to keep this attribute in a persistent storage depends only on your needs.
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
