Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using JdbcUserDetailsManager vs own UserDetailsService

Tags:

java

spring

jakarta-ee

spring-security

I am learning about Spring Security and I don't understand completly if I should use JdbcUserDetailsManager or a custom implementation of UserDetailsService. I am using a database for storing users.

I don't get what the JdbcUserDetailsManager gives you apart from a lot of methods, which I am not sure that I want to use? What if you have validations etc? Do you wrap it in a own implementation of UserDetailsService?

I mean, would you leak this manager class througout your application. Is it better to create your own?

like image 623
LuckyLuke Avatar asked May 01 '13 13:05

LuckyLuke

People also ask

What is the purpose of the UserDetailsService?

The UserDetailsService interface is used to retrieve user-related data. It has one method named loadUserByUsername() which can be overridden to customize the process of finding the user. It is used by the DaoAuthenticationProvider to load details about the user during authentication.

What is JdbcUserDetailsManager?

Spring Security in Action MEAP V07 The JdbcUserDetailsManager manages the users in a SQL database. It connects to the database directly through JDBC. This way, the JdbcUserDetailsManager is independent of any other framework or specification related to database connectivity.

What is UserDetailsService in Spring Security?

UserDetailsService is used by DaoAuthenticationProvider for retrieving a username, password, and other attributes for authenticating with a username and password. Spring Security provides in-memory and JDBC implementations of UserDetailsService .

What is AuthenticationManager authenticate?

AuthenticationManager is a static class that manages the authentication modules that an application uses. When a request is made to protected resources, the AuthenticationManager calls the Authenticate method to get an Authorization instance to use in subsequent requests.

1 Answers

There are some differences:

  1. UserDetailsService is the core interface to load user details and is used by DaoAuthenticationProvider.
  2. UserDetailsService has a sub-interface the defines CRUD operations on the abstraction of a user: UserDetailsManager
  3. JdbcDaoImpl is a JDBC implementation of UserDetailsService.
  4. JdbcUserDetailsManager is a JDBC implementation of UserDetailsManager and an extension of JdbcDaoImpl. It also provides the interface GroupManager

Based on the differences, it may affect how you decide which to use, expose, wrap or even implement.

like image 116
nobeh Avatar answered Sep 18 '22 00:09

nobeh
Sign in to Comment

Related questions

How to design an easily-extensible API with the simplicity of Enums?
Refactoring auto-detect file's encoding
Can annotations totally replace Marker Interfaces?
Find name of .jar in java(w).exe process list
synchronize system time in 2 phones
Reversing a word with a Stack
Calculate new coordinates from old coordinates and x and y
Is executeUpdate method in Java a thread-safe one? [duplicate]
Simplifying Hibernate's Query
Associate file type with Java Swing application
Set size for checkbox image in libgdx UI
How to do a case-insensitive string replacement
how to read a list of objects from the configuration file in play framework
JBoss HelloWorld appilcation doesn't start
Method Generics Without Arguments
Formatting Source Code programmatically with JDT
Passing instance variables to instance methods vs. directly accessing them?
ActionBar with icon and text in portrait mode
MethodHandle Lookup facility
Geocoder API for Java

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!