@Override public boolean isCorrectUsernameAndPassword(String username, String password) { User user = userRepository.getUserByUsername(username); if (user == null) { return false; } else { // set authorization List<GrantedAuthority> authority = new ArrayList<GrantedAuthority>(); GrantedAuthority grantedAuthority = new GrantedAuthority() { @Override public String getAuthority() { // TODO Auto-generated method stub return user.getRole().getName(); } }; authority.add(grantedAuthority); Authentication authentication = new UsernamePasswordAuthenticationToken(user, user.getPassword(), authority); SecurityContextHolder.getContext().setAuthentication(authentication); return user.getPassword().equals(password); } }
@Override @PreAuthorize("hasRole('admin')") public User updateUser(User user) { String username = user.getUsername(); String password = user.getPassword(); long id = user.getId(); return userRepository.update(username, password, id); }