[英]Spring Security custom authentication filter using Java Config
[英]User signup failing with using custom authentication filter in spring security 4.0.1
我試圖在數據庫中創建用戶實體后對用戶進行身份驗證,以便在安全上下文中設置經過身份驗證的用戶。 但是它失敗並拋出Bad Credentials錯誤。
這是代碼
UserDetails userDetails = userAuthService.loadUserByUsername(form.getUsername());
UsernamePasswordAuthenticationToken loggedIn = new UsernamePasswordAuthenticationToken(userDetails, userDetails.getPassword(), userDetails.getAuthorities());
//loggedIn.setDetails(userDetails);
authMgr.authenticate(loggedIn);
我正確地獲得了userDetails。 在第一個陳述中。
我正在使用如下的自定義身份驗證
<authentication-manager alias="authMgr">
<authentication-provider user-service-ref="userAuthService">
<password-encoder hash="bcrypt"></password-encoder>
</authentication-provider>
</authentication-manager>
<beans:bean id="userAuthService" class="com.csn.service.UserAuthService" >
</beans:bean>
而UserAuthService類就是這樣。
public class UserAuthService implements UserDetailsService,Serializable{
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
try{
com.xxx.yyy.Authentication auth = new UserAuthDao().getUserByUsername(username);
if(auth!=null){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new com.xxx.ppp.GrantedAuthorityImpl(Constants.userRole));
return new User(auth.getUsername(), auth.getPassword(), true, true, true, true, authorities);
}
else{
return new User(username, "", true, true, true, true, null);
}
}
catch(Exception e){
log.error(className, "loadUserByUsername", e);
}
return null;
}
}
這應該有助於:
SecurityContextHolder.getContext().setAuthentication(loggedIn);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.