用户名参数在loadUserByUsername(String username)中为空-Spring Boot [英] username parameter is empty in loadUserByUsername(String username) - spring boot
问题描述
这是我的UserDetailService
:
public class StockUserDetailService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
private static final Logger logger = Logger.getLogger(StockUserDetailService.class);
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
logger.debug("entering loadByUserName");
// MongoDatabase database = mongoClient.getDatabase("springsecurity");
User user = userRepository.findOne(username);
logger.debug("this is teh user ibzect ="+user);
if (user == null) {
logger.info("----------------------------------------------user name is "+username);
throw new UsernameNotFoundException("NAT FOUND");
}
return user;
}
}
但是username
参数始终以null
的形式出现.我在Stackoverflow上看到大量其他帖子,都遇到了同样的问题.他们中的一些人说这是因为它期望username
和password
作为HTTP标头而不是JSON的一部分.
But the username
argument always comes as null
. I saw tons of other posts on Stackoverflow with the same problem. Some of them say that it is because it expects the username
and password
as part of HTTP headers rather than a JSON.
但是我不认为这是真的,因为Spring Boot的默认登录页面只有一种简单的形式,它向/login
发出POST
请求.我在做什么.
But I don't think that is true because Spring Boot's default login page just has a simple form which does a POST
request to /login
. Which is what I am doing.
我不明白这里的问题.
PS:我已经正确配置了username
和password
键名:
PS: I have configured by username
and password
key names properly:
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/signup**").permitAll()
.antMatchers("/login/**").permitAll()
.antMatchers("/logout/**").permitAll()
.and()
.authorizeRequests()
.antMatchers("/admin/**").hasAuthority("ADMIN")
.and()
.formLogin()
.usernameParameter("username").
.passwordParameter("password");
}
推荐答案
您将username
和password
参数作为JSON发送(内容类型application/json
),但是必须发送URL编码的参数(内容类型application/x-www-form-urlencoded
),请参见 Spring安全参考:
You send username
and password
parameter as JSON (content type application/json
), but you have to send URL-encoded parameters (content type application/x-www-form-urlencoded
), see Spring Security Reference:
4 用户名必须作为名为username的HTTP参数出现
4 The username must be present as the HTTP parameter named username
5 密码必须作为名为password的HTTP参数出现
5 The password must be present as the HTTP parameter named password
这篇关于用户名参数在loadUserByUsername(String username)中为空-Spring Boot的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!