Comments (5)
JavaJourneyer
commented on June 11, 2024
I want to work on this issue. Could you please let me know what is the motivation behind this overload?
from spring-security.
marcusdacoregio
commented on June 11, 2024
HI @jtroussard, can you elaborate more on why do you need that? I'm assuming that you are associating ids to your users and want to load them using that id, if so, this is a specific use-case and that is not something that the framework can do for you, since different applications will have different business needs.
from spring-security.
jtroussard
commented on June 11, 2024
Yup Sorry! @marcusdacoregio I had this all written up and didn't hit the submit button:
Hi Team
I'm still relatively new to the spring/spring-boot world. I'm working on a web applications authentication/access control workflow and was curious about this class.
If our application doesn't have unique username, this makes implementing this method, tricky or impossible.
Does it make sense to add another method to access the target user, with perhaps a signature like this?
Originally I had user by ID, obviously that was an oversight on my part, I wanted user by email.
public UserDetails loadUserById(Long memberId) throws UsernameNotFoundException
public UserDetails loadUserByEmail(String email) throws UsernameNotFoundException
Seems like it wouldn't be a far fetched thought to consider username names don't HAVE to be unique, so now I'm second guessing myself and might be misunderstanding this class and the best practices for user access (to a dynamic account page for example) and authentication.
from spring-security.
mdeinum
commented on June 11, 2024
What prevents you from implementing the UserDetailsService.findByUsername but passing the emailaddress. The username here is more or less the identifying username you fill into the login name for the authentication (or extract from a token etc.). So it doesn't have to map to a username property in your user table/entity but can map to anything.
from spring-security.
marcusdacoregio
commented on June 11, 2024
@mdeinum is right. Usually you would pass the email as the username parameter. If it doesn't satisfy your needs, consider implementing your own AuthenticationProvider that does not depend on a UserDetailsService.
I'll close this since there is another alternatives to satisfy your need and I don't feel that the framework should do anything different here.
from spring-security.
Related Issues (20)
- Allow authorities loading customization in ActiveDirectoryLdapAuthenticationProvider HOT 1
- spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security HOT 1
- Minor docs fix
- oauth2-client: Parallel refresh requests are very slow (WebFlux)
- SAML metadata Content-Type should be application/samlmetadata+xml
- Link to article with remember-me-persistent-token strategy is broken
- Link to article with remember-me-persistent-token strategy is broken
- Fix Java example in multitenanci.adoc
- Fix Java example in multitenanci.adoc
- Cannot convert value of type 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor' to required type 'javax.servlet.Filter' for property 'filter': no matching editors or conversion strategy found HOT 1
- SpringSecurityCoreVersion.SERIAL_VERSION_UID is wrong in Spring Security 6.3 HOT 2
- Prepare for Spring Security 6.4
- Should OidcIdToken implement equals? HOT 5
- SpringOpaqueTokenIntrospector does not add scopes as granted authorities properly HOT 2
- LDIF file on official documentation breaks the startup process
- LDIF file on official documentation breaks the startup process
- Support `GrantedAuthorityDefaults` Bean in authorizeHttpRequests Kotlin DSL
- IpAddressMatcher.matches(String address) still accepts URLs HOT 2
- Deprecate `authorizeRequests` from Kotlin DSL
- Remove `authorizeRequests` from Kotlin DSL
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-security.