![](/img/trans.png)
[英]Twitter API to get Tweets using Application Only Authentication returns HTTP Status Code 401
[英]Get 401 response when using the authentication setup with the application
我創建了一項服務,可以將新用戶保存到數據庫中並(應該)對用戶進行身份驗證。 我現在遇到的問題是,在使用服務創建后,無法使用相同的用戶名和密碼對用戶進行身份驗證。
身份驗證:基本身份驗證
密碼編碼器:BCryptPasswordEncoder
數據庫:本地Mongodb
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private PasswordEncoder encoder;
@Autowired
private UserService userService;
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests().antMatchers("/config", "/registerUser").permitAll()
.and()
.authorizeRequests().antMatchers("/**").authenticated().and().httpBasic()
.and().logout().logoutSuccessUrl("/").permitAll()
;
}
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
//authentication will work if I switch to the in-memory authentication below
// authManagerBuilder
// .inMemoryAuthentication()
// .withUser("user").password(encoder.encode("password")).roles("USER");
authManagerBuilder.authenticationProvider(authProvider());
}
@Bean
public DaoAuthenticationProvider authProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userService);
authProvider.setPasswordEncoder(this.encoder);
return authProvider;
}
}
@Service
public class UserService implements IUserService {
@Autowired
private UserDetailRepository userDetailRepository;
@Autowired
private PasswordEncoder encoder;
@Override
public User saveUser(User user) {
String password = user.getPassword();
String passwordHased = this.encoder.encode(password);
user.setPassword(passwordHased);
User ud = this.userDetailRepository.save(user);
return ud;
}
@Override
public User getUserWithId(String userId) {
return this.userDetailRepository.findById(userId).get();
}
@Override
public User loadUserByUsername(String s) throws UsernameNotFoundException {
return this.userDetailRepository.findByUsername(s);
}
}
public class User implements UserDetails {
@Id
private String userId;
private String username;
private String password;
@Override
public final Collection<? extends GrantedAuthority> getAuthorities() {
List<String> privileges = new ArrayList<>();
privileges.add("READ");
privileges.add("WRITE");
return getGrantedAuthorities(privileges);
}
private final List<GrantedAuthority> getGrantedAuthorities(final List<String> privileges) {
final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (final String privilege : privileges) {
authorities.add(new SimpleGrantedAuthority(privilege));
}
return authorities;
}
... (other overridden methods omitted)
}
我懷疑我的getAuthorities()方法未正確執行。
如果您需要更多信息,請告訴我
我在回答我自己的問題。
我上面發布的代碼沒有錯,但是我省略了發布。 在擴展UserDetails的User類中,需要重寫一些方法。
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
現在,它們都被設置為返回true,並且可以正常工作,之前它們都返回false。
愚蠢的錯誤。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.