SEC-1421: JdbcUserDetailsManager is missing setters for group management sqls #1664

spring-issuemaster opened this Issue Feb 24, 2010 · 0 comments


None yet

1 participant


matthew inger (Migrated from SEC-1421) said:

The JdbcUserDetailsManager class is missing just about all the setters for the SQL statements used for the group management functions. This renders the class useless in any form other than the default configuration.

I was basically setting up a subclass which would have a setter method like this:

public void setTablePrefix(String prefix) {
  String usersTable = prefix + "users";
  String authoritiesTable = prefix + "authorities";
  String groupAuthoritiesTable = prefix + "group_authorities";
  String groupsTable = prefix + "groups";
  String groupMembersTable = prefix + "group_members";

  setCreateUserSql(DEF_CREATE_USER_SQL.replace("into users", "into " + usersTable));

however, when i get to the point of doing all the group management sql statements, I realized there are no setters for these sqls (things like insertGroupAuthoritySql and so forth). This means I can't change their value, as they are private fields. I realize I could probably use reflection and gain direct access to the Field and set it that way, but it's not ideal, and won't necessarily work in all environments.

While we're on the subject, a class like this (and it's counterpart for JdbcDaoImpl) would probably be a good candidate for inclusion into the API itself, as I think it would be a common thing people would want to do.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment