[英]Manual authentication with authenticationManager spring boot java
我正在嘗試使用 authenticationManager 在服務內部手動驗證用戶:
Authentication authenticate = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(
user,
senha,
Collections.emptyList()
));
但是每次我從上述經理那里得到以下異常:
"There is no PasswordEncoder mapped for the id \"null\""
authenticationManager 正在以這種方式導入:
@Autowired
private AuthenticationManager authenticationManager;
我已經嘗試將密碼輸入更改為 {bcrypt}password,以通知正確的 passwordEncoder 但錯誤仍然存在,我還創建了一個 BCryptPassword Bean,它在配置文件中定義,就像這樣:
@Configuration
public class BeansConfig {
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder(){
return new BCryptPasswordEncoder();
}
}
EDIT1:這是密碼發送到 authenticationManager 的格式: {bcrypt}$2a$10$[...]
EDIT2:正如建議的那樣,我在與 BCryptPasswordEncoder 相同的配置文件中實現了以下 Bean:
@Bean
public PasswordEncoder delegatingPasswordEncoder() {
PasswordEncoder defaultEncoder = new StandardPasswordEncoder();
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put("bcrypt", new BCryptPasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
DelegatingPasswordEncoder passworEncoder = new DelegatingPasswordEncoder(
"bcrypt", encoders);
passworEncoder.setDefaultPasswordEncoderForMatches(defaultEncoder);
return passworEncoder;
}
但錯誤仍然存在。
對於進一步的問題,這是我在WebSecurity.java
文件中配置密碼編碼的方式:
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
}
EDIT4:按照提議,我已經刪除了 BCryptPassword bean,並將我的密碼編碼設置為 delegatingPasswordEncoding,就像這樣,
@Autowired
private PasswordEncoder passwordEncoder;
public WebSecurity(UserDetailsServiceImpl userService, PasswordEncoder passwordEncoder){
this.userDetailsService = userService;
this.passwordEncoder = passwordEncoder;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(this.passwordEncoder);
}
但是現在我收到以下錯誤,
java.lang.IllegalArgumentException: Detected a Non-hex character at 1 or 2 position
at org.springframework.security.crypto.codec.Hex.decode(Hex.java:58) ~[spring-security-crypto-5.7.1.jar:5.7.1]
at org.springframework.security.crypto.password.StandardPasswordEncoder.decode(StandardPasswordEncoder.java:106) ~[spring-security-crypto-5.7.1.jar:5.7.1]
我的密碼仍然是這樣發送的: {bcrypt}$2a$10$[...]
作為參考,我正在嘗試這樣做: https://www.baeldung.com/manually-set-user-authentication-spring-security
在調試時,我發現 authenticationManager 使用的 DaoAuthenticationProvider 包含錯誤的 passwordEncoder。 像這樣定義自定義 DaoAuthenticationProvider 的 Bean:
@Bean
public DaoAuthenticationProvider authProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(bCryptPasswordEncoder);
return authProvider;
}
並像這樣設置我的 AuthenticationManagerBuilder :
@Override
protected void configure(AuthenticationManagerBuilder auth){
auth.authenticationProvider(authProvider());
}
WebSecurity.java 配置文件里面解決了我所有的問題。
參考: 自定義身份驗證提供程序
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.