堆栈内存溢出
  简体   繁体   English

在Spring Boot中配置JDBC身份验证

[英]Configure JDBC Authentication in Spring Boot

 原文  2016-02-02 21:58:46       java/ spring/ spring-security/ spring-boot

问题描述

Goal: Add jdbc authentication to spring boot with default security configurations. 目标:使用默认安全配置将jdbc身份验证添加到Spring Boot。

Source can be found here 来源可以在这里找到

Per Spring Boot Docs 每个Spring Boot Docs

configure the global AuthenticationManager by autowiring an AuthenticationManagerBuilder into a method in one of your @Configuration classes 通过将AuthenticationManagerBuilder自动装配到@Configuration类之一中的方法中来配置全局AuthenticationManager

and Spring Security Docs with example: Spring Security Docs的示例: 

@Autowired
private DataSource dataSource;

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    auth
        .jdbcAuthentication()
            .dataSource(dataSource)
            .withDefaultSchema()
            .withUser("user").password("password").roles("USER").and()
            .withUser("admin").password("password").roles("USER", "ADMIN");
}

Given the above, added the following ( found here ): 鉴于以上所述,添加以下内容( 在此处找到 ): 

@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig {

    @Autowired
    private DataSource dataSource;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
                .dataSource(dataSource)
                .withDefaultSchema()
                .withUser("user").password("password").roles("ROLE_USER").and()
                .withUser("admin").password("password").roles("ROLE_USER", "ROLE_ADMIN");
    }
}

with resulting error: 结果错误: 

java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer@13404f75 to already built object

and further up the logs, we can see the auto config doing it's thing when it shouldn't be: 进一步查看日志,我们可以看到自动配置在不应该执行此操作时起作用: 

2016-02-02 22:52:48.047 DEBUG 30487 --- [ost-startStop-1] eGlobalAuthenticationAutowiredConfigurer : Eagerly initializing {org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration=org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$627430a8@78acaa86}
2016-02-02 22:52:48.074 DEBUG 30487 --- [ost-startStop-1] .s.BootGlobalAuthenticationConfiguration : Eagerly initializing {user=com.msyla.usergreeter.user.User$$EnhancerBySpringCGLIB$$3cd414fd@73128671, coreConfig=com.msyla.usergreeter.user.core.config.CoreConfig$$EnhancerBySpringCGLIB$$30c07250@6ed3c66b}
2016-02-02 22:52:48.095  INFO 30487 --- [ost-startStop-1] b.a.s.AuthenticationManagerConfiguration : 

Using default security password: 5b33158f-156d-43f4-892f-6c452f15e1cc

Question: All that is being asked here is to have default boot configurations with the exception of where the user is being stored, jdbc instead of in memory. 问题:这里要求的是具有默认的引导配置,除了用户存储的位置(jdbc而不是内存)外。 Am I doing it incorrectly? 我做错了吗? Are the docs wrong? 文档错了吗? I have tried several other routes to no avail. 我尝试了其他几条路线都无济于事。

Thanks in advance! 提前致谢!

2 个解决方案

解决方案1
 2 已采纳  2016-02-05 13:37:00

After much work, I recalled how to properly work with spring, that is to step through their code to get a better understanding in surgically addressing my needs. 经过大量的工作,我回顾了如何正确使用spring,即逐步阅读他们的代码,以更好地了解如何以外科方式满足我的需求。 With some investigation, determined the class in need of modification/extension. 经过调查,确定了需要修改/扩展的类别。 Resulting in: 导致: 

@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig extends GlobalAuthenticationConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Override
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource);
    }
}

The above will instruct spring to look up via jdbc while keeping everthing else auto configured. 上面将指示spring通过jdbc查找,同时保持其他所有内容自动配置。

解决方案2
 0  2016-02-03 03:27:36

if you want to override the default security configuration, make sure you are extending the WebSecurityConfigurerAdapter class 如果要覆盖默认的安全配置,请确保扩展了WebSecurityConfigurerAdapter 

@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig extends WebSecurityConfigurerAdapter
{
    // ...
}

and remove the prefix ROLE_ on your role definition, it will added automatically by spring. 并在角色定义上删除前缀ROLE_,它将在spring之前自动添加。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring 启动 JDBC 身份验证不起作用 - Spring Boot JDBC authentication not working Spring Boot:配置 h2 jdbc url - Spring Boot: Configure h2 jdbc url Spring 启动安全 JDBC 基本认证失败 - Spring Boot Security JDBC Basic Authentication Failure 登录验证 - Spring 启动安全,JDBC - Login authentication - Spring Boot Security, JDBC Spring Security中如何在内存身份验证和jdbc身份验证中同时配置 - how to configure both in memory authentication and jdbc authentication in spring security 如何在Spring Boot中配置自定义身份验证和授权? - How to configure Custom Authentication and Authorization in spring boot? 如何在Flyway中使用Spring Boot / Spring Security的JDBC身份验证 - How to use JDBC-Authentication of Spring Boot/Spring Security with Flyway 如何在 Spring 启动 jdbc 应用程序中配置 2 个数据库并将数据插入表中 - How to configure 2 databases in Spring boot jdbc application and insert data into table 无法在Spring引导中使用JDBC身份验证创建安全连接 - Unable to create a Secure Connection with JDBC authentication in spring boot 使用 MyBatis + H2 配置 Spring Boot 身份验证/登录 - Configure Spring Boot Authentication / Login with MyBatis + H2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM