Howto implement Spring Security User/Authorities with Hibernate/JPA2?

You AppAuthority doesn't need username at all. Spring Security can't depend on it because it depends on the GrantedAuthority interface which doesn't have any methods to access username.

You AppAuthority doesn't need username at all. Spring Security can't depend on it because it depends on the GrantedAuthority interface which doesn't have any methods to access username. But the better practice is to decouple your domain model from Spring Security.

When you have a custom UserDetailsService, you don't need to mimic neither Spring Security's default database schema nor its object model. Your UserDetailsService can load your own AppUser and AppAuthority and then create UserDetails and GrantedAuthoritys based on them. This leads to cleaner design with better separation of concerns.

Ah! That's great news! I shall proceed precisely as you suggest, thanks.

– user268098 Sep 13 '10 at 13:50.

This looks like the classic bernate problem of using a domain-specific key. A possible fix would be to create a new primary key field; e.g. UserId int for the Users and Authorities entities / tables, remove Authorities. UserName, and change Users.

UserName to a unique secondary key.

Your solution was my first guess, and if it wasn't for Spring, I would have used it (actually, if I had designed this data model, I'd always used int ids). However, I fear that with all that convention-over-configuration, removing attributes may have unpredictable side-effects on the rest of the Spring Security Framework. What if some Spring Sec.

Beans rely on Authorities. UserName? Sure, I could re-implement them, but is there no other solution leaving my data model untouched?

All in all, I do expect a ORM framework to adopt to a given data model, and not the other way round ... – user268098 Sep 12 '10 at 23:00.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.