
Spring Security Oauth - 永遠不會調用自定義UserDetailsService

[英]Spring Security Oauth - Custom UserDetailsService is never getting called

spring-security.xml 文件

<?xml version="1.0" encoding="UTF-8" ?>
<beans
  xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
  xmlns:context="http://www.springframework.org/schema/context"
  xmlns:sec="http://www.springframework.org/schema/security"
  xmlns:mvc="http://www.springframework.org/schema/mvc"
  xsi:schemaLocation="
http://www.springframework.org/schema/security/oauth2   http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd ">

  <!-- Default url to get a token from OAuth.
       This chain handles /api/oauth/token only, keeps no session, and
       authenticates the caller through clientAuthenticationManager, i.e. with
       the OAuth client's credentials rather than an end user's. -->
  <http pattern="/api/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">

    <!-- CSRF protection is switched off for this chain; the chain is stateless
         and anonymous access is disabled below. -->
    <csrf disabled="true"/>
    <intercept-url pattern="/api/oauth/token" access="isFullyAuthenticated()"/>
    <anonymous enabled="false"/>
    <http-basic entry-point-ref="clientAuthenticationEntryPoint"/>

    <!-- Placed after HTTP Basic. ClientCredentialsTokenEndpointFilter accepts the
         client credentials as request parameters instead of the Basic header.
         NOTE(review): keep this filter only if clients need it; secrets sent as
         parameters are easier to capture in request logs. -->
    <custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER"/>
    <access-denied-handler ref="oauthAccessDeniedHandler"/>
  </http>

  <!-- Protected resources: this chain matches /api/services/** only and never
       creates a session.
       NOTE(review): the intercept-url below is written for /api/**, but paths
       outside /api/services/** never reach this chain. Confirm that every other
       /api/** path is covered by a chain that is not shown in this file. -->
  <http pattern="/api/services/**" create-session="never" entry-point-ref="oauthAuthenticationEntryPoint" access-decision-manager-ref="accessDecisionManager" xmlns="http://www.springframework.org/schema/security" use-expressions="true">
    <anonymous enabled="false"/>
    <intercept-url pattern="/api/**" access="hasRole('ROLE_APP')"/>
    <!-- resourceServerFilter is the bean created by the oauth:resource-server
         element in this file; it runs before PRE_AUTH_FILTER. -->
    <custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
    <access-denied-handler ref="oauthAccessDeniedHandler"/>
  </http>

  <!-- Filter referenced by the token endpoint chain; it authenticates against
       clientAuthenticationManager. -->
  <bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="clientAuthenticationManager"/>
  </bean>

  <!-- Decision manager for the protected resource chain: a UnanimousBased
       manager built from a scope voter, a role voter and a web expression voter. -->
  <bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans">
    <constructor-arg>
      <list>
        <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter"/>
        <bean class="org.springframework.security.access.vote.RoleVoter"/>
        <bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
      </list>
    </constructor-arg>
  </bean>

  <!-- Client authentication: OAuth clients are resolved through
       clientDetailsUserService, which wraps the clientDetails bean. -->
  <authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <!-- NOTE(review): no password-encoder child is configured on any
         authentication-provider in this file. On Spring Security 4.x that
         presumably means client secrets and user passwords are compared as
         plain text; confirm, and configure a password hashing encoder. -->
    <authentication-provider user-service-ref="clientDetailsUserService"/>
  </authentication-manager>

  <!-- NOTE(review): this manager has neither an id nor an alias and uses the
       same user service as the "authenticationManager" declaration further
       down, so the user-facing manager is declared twice. Presumably one of the
       two should be removed; verify which manager the password grant receives. -->
  <sec:authentication-manager>
    <sec:authentication-provider user-service-ref='userDetailsServiceImpl'/>
  </sec:authentication-manager>

  <!-- Adapts the clientDetails bean to the UserDetailsService interface so that
       clientAuthenticationManager can look up clients by client id. -->
  <bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetails"/>
  </bean>

  <!-- End-user authentication: users are resolved through userDetailsServiceImpl. -->
  <authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="userDetailsServiceImpl"></authentication-provider>
  </authentication-manager>

  <!-- Token store: JDBC-backed, using the dataSource bean (defined outside this
       file). NOTE(review): the token tables hold live credentials; presumably
       database access should be restricted accordingly. -->
  <bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
    <constructor-arg ref="dataSource"/>
  </bean>

  <!-- Token services shared by the authorization server and the resource
       server. Access tokens live for 120 seconds and refresh tokens are
       enabled. No refresh token validity is set here, so the library default
       applies; confirm that it suits the deployment. -->
  <bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
    <property name="tokenStore" ref="tokenStore"/>
    <property name="supportRefreshToken" value="true"/>
    <property name="accessTokenValiditySeconds" value="120"/>
    <property name="clientDetailsService" ref="clientDetails"/>
  </bean>

  <!-- Builds OAuth2 requests from the registered client details. -->
  <bean id="oAuth2RequestFactory" class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory">
    <constructor-arg ref="clientDetails"/>
  </bean>

  <!-- User approval handler backed by the token store and the request factory above. -->
  <bean id="userApprovalHandler" class="org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler">
    <property name="tokenStore" ref="tokenStore"/>
    <property name="requestFactory" ref="oAuth2RequestFactory"/>
  </bean>

  <!-- Entry point of the protected resource chain (/api/services/**).
       NOTE(review): that chain is guarded by the resource server filter, yet
       the challenge type configured here is "Basic"; confirm that a Basic
       challenge is intended for those resources. -->
  <bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <property name="realmName" value="test/client"/>
    <property name="typeName" value="Basic"/>
  </bean>

  <!-- Entry point used by http-basic on the token endpoint chain; configured
       with the same realm and type as oauthAuthenticationEntryPoint. -->
  <bean id="clientAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <property name="realmName" value="test/client"/>
    <property name="typeName" value="Basic"/>
  </bean>

  <!-- Access-denied handler shared by both http chains. -->
  <bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/>

  <!-- Authorization server. All five grant types are enabled: authorization
       code, implicit, refresh token, client credentials and resource owner
       password.
       NOTE(review): the implicit and password grants are discouraged by current
       OAuth security guidance; enable only the grants that registered clients
       actually use.
       NOTE(review): the password element names no authentication-manager-ref,
       so presumably the default user authentication manager is used for it;
       verify this against the authentication-manager declarations in this file. -->
  <oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices" user-approval-handler-ref="userApprovalHandler">
    <oauth:authorization-code/>
    <oauth:implicit/>
    <oauth:refresh-token/>
    <oauth:client-credentials/>
    <oauth:password/>
  </oauth:authorization-server>

  <!-- Resource server filter for resource id "test"; it validates tokens with
       the same tokenServices bean the authorization server uses. -->
  <oauth:resource-server id="resourceServerFilter" resource-id="test" token-services-ref="tokenServices"/>

  <!-- Application-provided ClientDetailsService; every client lookup in this
       file goes through this bean. -->
  <bean id="clientDetails" class="com.xxxxxx.service.ClientService"></bean>

  <!-- Enables pre/post method security annotations with class-based proxies and
       the OAuth2 expression handler. -->
  <sec:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
    <sec:expression-handler ref="oauthExpressionHandler"/>
  </sec:global-method-security>

  <oauth:expression-handler id="oauthExpressionHandler"/>
  <!-- NOTE(review): neither http element in this file references
       oauthWebExpressionHandler, so the intercept-url expressions presumably do
       not use it; confirm whether it is needed. -->
  <oauth:web-expression-handler id="oauthWebExpressionHandler"/>
</beans> 

UserServiceImpl

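/**
 * Loads application users for Spring Security from {@code OauthRepository}.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private OauthRepository oauthRepository;

    /**
     * Looks up the user with the given username.
     *
     * @param s the username presented during authentication
     * @return the matching user, never {@code null}
     * @throws UsernameNotFoundException if the repository has no such user
     */
    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        User user = oauthRepository.getByUsername(s);
        if (user == null) {
            // The UserDetailsService contract forbids returning null; an unknown
            // user must surface as UsernameNotFoundException. The message stays
            // generic so that it does not echo caller-supplied input.
            throw new UsernameNotFoundException("User not found");
        }
        // NOTE(review): if getByUsername throws on a missing row instead of
        // returning null, that exception should be translated as well - confirm
        // against the repository implementation.
        return user;
    }

}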

ClientServiceImpl

/**
 * {@code ClientDetailsService} backed by {@code OauthRepository}; it is the
 * "clientDetails" bean of the XML configuration.
 */
@Component
public class ClientService implements ClientDetailsService {

    @Autowired
    private OauthRepository oauthRepository;

    /**
     * Fetches the registered OAuth client for the given client id.
     *
     * @param s the client id sent with the request
     * @return whatever the repository returns for that id
     * @throws ClientRegistrationException declared by the interface; not thrown here
     */
    @Override
    public ClientDetails loadClientByClientId(String s) throws ClientRegistrationException {
        // NOTE(review): the result is handed back unchecked; presumably an
        // unknown client id should be reported through the exception declared
        // above rather than as null - confirm what the repository does.
        final BaseClientDetails registered = oauthRepository.getByClientId(s);
        return registered;
    }
}

我一直在搜索,但我無法弄清楚為什么不調用UserServiceImpl。我進行了調試,並且總是調用ClientServiceImpl來獲取客戶端和用戶。 在向/api/oauth/token發送請求后,使用適當的參數(用戶和客戶端存儲在數據庫中),我得到:

{"error":"unauthorized","error_description":"Incorrect result size: expected 1, actual 0"}

我正在使用 - Spring Framework 4.2.5.RELEASE - Spring Mvc 4.2.5.RELEASE, - Spring Security 4.1.0.RC1, - Spring Security Oauth2 2.0.9.RELEASE

我覺得你做的很好但是在

@Service public class UserDetailsServiceImpl implements UserDetailsService

您應該設置用戶的密碼及其角色。

請看這里的代碼

/**
 * Illustrative implementation: builds a fixed user instead of reading one
 * from storage.
 *
 * @param username the name presented during authentication
 * @return a user carrying that name, a fixed password and ROLE_USER
 */
@Override
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException
{
    System.out.println("Getting access details from Database !!");

    // Placeholder only: every username receives the same hard-coded password
    // and ROLE_USER, so any caller who knows that password authenticates as any
    // user. A real implementation loads the stored password hash and the
    // granted authorities from the database and returns a populated
    // org.springframework.security.core.userdetails.User.
    // NOTE(review): GrantedAuthorityImpl and the array-taking User constructor
    // come from older Spring Security releases; presumably they are not
    // available on the 4.1 line named in the question - confirm.
    GrantedAuthority[] roles = { new GrantedAuthorityImpl("ROLE_USER") };
    return new User(username, "password", true, true, true, true, roles);
}

UserDetailsService接口用於查找任何給定用戶的用戶名,密碼和GrantedAuthorities。 該接口只提供了一個實現類需要實現的方法。

我在spring-security.xml中通過以下更改解決了這個問題:

<!-- Default url to get a token from OAuth -->
<!-- NOTE(review): with this change both the token endpoint chain and
     clientAuthenticationManager resolve credentials through
     userDetailsServiceImpl, so the caller of /api/oauth/token is authenticated
     against user accounts rather than registered OAuth clients. Presumably the
     narrower fix is to leave client authentication on clientDetailsUserService
     and give only the password grant the user manager, for example through the
     authentication-manager-ref attribute of oauth:password; confirm before
     adopting this configuration. -->
<http pattern="/api/oauth/token" create-session="stateless"
      authentication-manager-ref="authenticationManager"
                      :

  <authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="userDetailsServiceImpl"/>
</authentication-manager>

我想我有兩個authenticationManager實例。 不管怎么說,還是要謝謝你。
