[英]Spring Security: AuthenticationProvider and UserDetailsService not working as expected
[英]Spring security UserDetailsService not working
好的,希望您能幫助我,這是我的最后嘗試。 我對這個春季安全世界還很陌生,我無法解決這個問題。 我嘗試了很多事情,遵循了許多教程,卻一無所獲。
問題是,正如您在標題中看到的那樣,使自定義用戶詳細信息服務正常工作。 它只是沒有登錄,似乎未調用customuserdetailsservice,因為控制台中未顯示sysout。
它作為具有彈簧安全性的存儲功能而具有魅力。 以下是我的代碼。
春季安全配置:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//auth.inMemoryAuthentication().withUser("ram").password("ram123").roles("ADMIN");
auth.userDetailsService(userDetailsService).passwordEncoder(passwordencoder());
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/bower_components/**", "/resources/**", "/img/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().and().csrf().disable()
.authorizeRequests()
.antMatchers("/", "/home", "/call").permitAll() // #4
.antMatchers("/resource", "/video").hasRole("USER") // #6
.anyRequest().authenticated();
}
@Bean(name="passwordEncoder")
public PasswordEncoder passwordencoder(){
return new BCryptPasswordEncoder();
}
}
CustomUserDetailsService
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService{
private UserService userService;
@Override
public UserDetails loadUserByUsername(String ssoId)
throws UsernameNotFoundException {
User user = userService.findByUsername(ssoId);
System.out.println("User : "+user);
if(user==null){
System.out.println("User not found");
throw new UsernameNotFoundException("Username not found");
}
return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(),
user.isEnabled(), true, true, true, getGrantedAuthorities(user));
}
private List<GrantedAuthority> getGrantedAuthorities(User user){
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority(user.getRole()));
System.out.print("authorities :"+authorities);
return authorities;
}
}
初始化類
@SpringBootApplication
@EnableWebSocket
public class One2OneCallApp implements WebSocketConfigurer {
@Bean
public CallHandler callHandler() {
return new CallHandler();
}
@Bean
public UserRegistry registry() {
return new UserRegistry();
}
@Bean
public KurentoClient kurentoClient() {
return KurentoClient.create();
}
@Bean
public UiApplication uiApplication(){
return new UiApplication();
}
@Bean
public CustomUserDetailsService customUserDetailsService(){
return new CustomUserDetailsService();
}
@Bean
public SecurityConfig securityConfig(){
return new SecurityConfig();
}
@Bean
public EncryptPassword encryptPassword(){
return new EncryptPassword();
}
@Override
public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
registry.addHandler(callHandler(), "/call");
}
public static void main(String[] args) throws Exception {
System.out.println("Iniciando");
new SpringApplication(One2OneCallApp.class).run(args);
}
}
我還測試了與數據庫的通信,並且工作正常。 我正在尋求任何幫助。 對不起,英語不好。 謝謝你們!
編輯:在下面回答我自己的問題。
在SecurityConfig
類中:
@Autowired
CustomUserDetailsService customUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailsService);
}
更改
@Autowired
UserDetailsService userDetailsService;
至
@Autowired
CustomUserDetailsService userDetailsService;
另外,將安全性配置導入Web / socket配置中,然后將組件掃描移至此處,而不是安全性上
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
@Import(value = { SecurityConfig.class })
public class WebConfig extends WebMvcConfigurerAdapter { /*...*/ }
您正在安全配置中設置hasRole(“”),並且正在使用授權進行身份驗證。
而不是使用.antMatchers(“ / resource”,“ /video").hasRole("USER”)使用.antMatchers(“ / resource”,“ /video").hasAuthority("USER”)
最后,我只為演示做准備而使用內置的內存選擇。 我認為我的問題與spring boot和應用程序中的初始化有關。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.