调试易

由于篇幅问题，下面贴出MyUserDetailServiceImpl文件如下：
package cn.zzkj.wp.security;import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;import cn.zzkj.wp.dao.ResourcesDao;
import cn.zzkj.wp.dao.UserDao;
import cn.zzkj.wp.model.Resources;
@Component
public class MyUserDetailServiceImpl implements UserDetailsService {
@Autowired
private UserDao userDao;
@Autowired
private ResourcesDao resourcesDao; @Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
System.err.println("-----------MyUserDetailServiceImpl loadUserByUsername ----------- ");
//取得用户的权限
cn.zzkj.wp.model.User users = userDao.querySingleUser(username);
if  (users==null)  
            throw new UsernameNotFoundException(username+" not exist!");  
Collection<GrantedAuthority> grantedAuths = obtionGrantedAuthorities(users);
// 封装成spring security的user
User userdetail = new User(
users.getUserName(),
users.getUserPassword(),
true, 
true, 
true,
true, 
grantedAuths //用户的权限
);
return userdetail;
} //或得用户权限
@SuppressWarnings("deprecation")
private Collection<GrantedAuthority> obtionGrantedAuthorities(
cn.zzkj.wp.model.User user) {
//根据用户id，加载该用户拥有的所有资源
List<Resources> resources = resourcesDao.getUserResources(String.valueOf(user.getUserId()));
Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>();
for (Resources res : resources) {
// ZZQ 用户可以访问的资源名称（或者说用户所拥有的权限） 注意：必须"ROLE_"开头
// 关联代码：applicationContext-security.xml
// 关联代码：com.huaxin.security.MySecurityMetadataSource#loadResourceDefine
authSet.add(new GrantedAuthorityImpl("ROLE_" + res.getResKey()));
}
return authSet;
}}
spring security版本我用的3.1

spring security 太复杂了，apache shiro不错

但现在自学的就是spring security的嘛，shiro以后再说了