I use Spring to validate user login.
User credentials are stored in the database.
Here is the related section from my appContext-security.xml file.
This code works, but my problem is that I am using a raw SQL query for " user-by-username-query " and " -user-request . Thus, if I need to support multiple databases and if the Sql syntax changes then I have a problem.
Can I put these queries in some form of a Java class? so that I can easily change the SQL syntax in this java class and make these SQL DB dependent ?
<authentication-manager alias="authManager"> <authentication-provider> <password-encoder hash="md5"/> <jdbc-user-service data-source-ref="jndiDataSource" users-by-username-query="select name, password, enabled from USER where user_status<>0 and name=?" authorities-by-username-query="select m.name,p.name from USER m, ROLE p where m.name=? and m.application_role=p.id"/> </authentication-provider> </authentication-manager> <beans:bean id="jndiDataSource" class="org.springframework.jndi.JndiObjectFactoryBean"> <beans:property name="jndiName" value="java:/appManaged"/> </beans:bean>
Any help would be greatly appreciated.
source share