Spring Security Using Username or Email

If I understood this correctly, the problem is that you want to search for the username entered by the user in two different database columns.

Of course you can do this by setting up a UserDetailsService.

 public class CustomJdbcDaoImpl extends JdbcDaoImpl { @Override protected List<GrantedAuthority> loadUserAuthorities(String username) { return getJdbcTemplate().query(getAuthoritiesByUsernameQuery(), new String[] {username, username}, new RowMapper<GrantedAuthority>() { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { ....... } }); } @Override protected List<UserDetails> loadUsersByUsername(String username) { return getJdbcTemplate().query(getUsersByUsernameQuery(), new String[] {username, username}, new RowMapper<UserDetails>() { public UserDetails mapRow(ResultSet rs, int rowNum) throws SQLException { ....... } }); } 

Your bean configuration for this class will look something like this.

 <beans:bean id="customUserDetailsService" class="com.xxx.CustomJdbcDaoImpl"> <beans:property name="dataSource" ref="dataSource"/> <beans:property name="usersByUsernameQuery"> <beans:value> YOUR_QUERY_HERE</beans:value> </beans:property> <beans:property name="authoritiesByUsernameQuery"> <beans:value> YOUR_QUERY_HERE</beans:value> </beans:property> </beans:bean> 

Your queries will look something like this.

 select username, password, enabled from user where (username = ? or email = ?) select u.username, a.authority from user u join authority a on u.userId = a.userId where (username = ? or email = ?)