Spring,通過數據庫進行身份驗證
[英]Spring, Authentication with database
問題描述
我想使用基本身份驗證保護端點。
當我嘗試使用正確的用戶名和密碼登錄時-一切正常。
我的問題是,當我嘗試使用錯誤的用戶名或密碼登錄時,我得到了:
java.lang.StackOverflowError: null
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:442) ~[spring-security-config-4.2.1.RELEASE.jar:4.2.1.RELEASE]
我該如何解決?
SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static final String AUTHORITIES_QUERY = "SELECT u.username, r.role FROM user u " +
"INNER JOIN user_role ur ON u.id = ur.user_id " +
"INNER JOIN role r ON ur.role_id = r.id " +
"WHERE u.username=?";
private static final String USERS_QUERY = "SELECT username, password, is_active FROM user WHERE username=?";
@Autowired
private DataSource dataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.jdbcAuthentication()
.usersByUsernameQuery(USERS_QUERY)
.authoritiesByUsernameQuery(AUTHORITIES_QUERY)
.dataSource(dataSource).and()
.userDetailsService(userDetailsService());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/user").hasAuthority("USER")
.antMatchers("/admin").hasAuthority("ADMIN")
.anyRequest().fullyAuthenticated()
.and()
.httpBasic().and()
.csrf()
.disable();
}
}
1 個解決方案
解決方案1
0 2017-02-18 03:19:38
您可以訪問此( http://www.mkyong.com/spring-security/spring-security-hibernate-annotation-example/ )鏈接。 關於“ Spring Security +休眠注釋示例”
使用數據庫中的單個表的Spring Security Authentication
[英]Spring Security Authentication using single table in database
使用cas進行Spring Security身份驗證但是使用數據庫進行授權
[英]Spring security Authentication with cas but Authorization with database
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.