Spring Security自定义UserDetailsService和自定义User类 [英] Spring Security custom UserDetailsService and custom User class
问题描述
我正在尝试在de user主对象中保存其他数据。
I am trying to save additional data in de user principal object.
我做的是:
为我的现有用户类实现UserDetails接口,保存我的附加数据(如电子邮件地址等)。
implement the "UserDetails" interface to my existing user class where my additional data is saved ( like email address etc. ).
@Entity
public class User implements UserDetails {
然后我创建了一个UserDetailsService实现:
Then i created a UserDetailsService implementation:
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
UserDAO userDAO;
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
User user = userDAO.findOneByUsername(username);
if (user == null)
throw new UsernameNotFoundException("username " + username
+ " not found");
System.out.println("---------------------> FOUND ------------->"
+ user.getEmail());
return user;
}
}
最后一步是添加UserDetailsService在我的安全配置中。
Last step was to add the UserDetailsService in my Security configuration.
@Configuration
@EnableWebMvcSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.userDetailsService(userDetailsService());
// ...
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.userDetailsService(userDetailsService());
// ...
}
@Override
protected UserDetailsService userDetailsService() {
return userDetailsService;
}
我在我的控制台中看到loadUserByName被调用两次(因为找到输出)。
I see in my console that "loadUserByName" gets called twice ( because of the "Found" output ).
当我尝试访问控制器中的主体对象时 - >
When i try to access the principal object in my controller ->
System.out.println(SecurityContextHolder.getContext()
.getAuthentication().getPrincipal());
我没有得到我的额外数据。
当我尝试将它转换为我的User对象时,我得到一个无法转换异常。
I dont get my additional data. When i try to cast it to my User object i get a could not cast exception.
我有什么遗漏吗?
提前谢谢。
推荐答案
好的。我的问题隐藏在我没有发布的代码中。
Ok. My problem was hidden in the code i didnt post.
我认为这个detailsService只是为了获得更多细节,但它用于登录本身。
I thought this detailsService is only to get additional details but it is used for the login itself.
我另外配置了jdbcAuthentication,Spring似乎总是使用它。
I had "jdbcAuthentication" configured additionally and spring seemed to use this always.
现在我只得到了detailsService配置一切正常很好。
Now that i only got the detailsService configured everything works fine.
编辑。:
所以我只需删除此代码:
so i only had to delete this code:
auth.jdbcAuthentication() .dataSource(dataSource)
* .passwordEncoder(passwordEncoder) .usersByUsernameQuery(
// ....
现在它也适用于上述问题中的代码。
And now it also works with my code in the question above.
这篇关于Spring Security自定义UserDetailsService和自定义User类的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!