I am to develop an application(project) which will have two separate login processes.
1) for admin user (User table)
2) for customer (Customer table)
When admin user will login from admin login page then I will send user to admin dashboard where admin can see links and access some links according to their role(permissions)
When customer will login from customer login page then I will send customer to customer dashboard where customer can access their data.
Admin user data will come from admin user table and customer data will come from customer table.
I have developed role based admin part of this project.
Now I'm confuse how I will manage customer login process.
I had developed application in past where we used same table for normal user & admin user . Differentiate by adding some flag in user table or by their role.
But in current project I have two separate entities.
I'm confuse How will we manage two separate login process in same project for two separate user entities by spring security?
shyam shridhar wrote:
I think I have to create two separate projects one for admin user and another for customer only this way I'm able to manage security things by spring security.
No you just have two seperate UserDetailsService classes configured for your AuthenticationManager. And it will check one then the other automatically. So if it doesn't find a user match in the first one, then it will check the second one. If it find a match there, then it goes on.
Check out the Spring Security documentation on UserDetailsService.
You could also always implement your own UserDetailsService. The interface has only one method loadUserByUserName. For a custom UserDetailsService, search www.theserverside.com for my free article that I wrote there a couple months ago.