java.lang.ClassCastException:org.springframework.security.core.userdetails.User无法强制转换为model.User [英] java.lang.ClassCastException: org.springframework.security.core.userdetails.User cannot be cast to model.User
问题描述
我在我的应用程序中使用Spring Security。我需要在我的应用程序的控制器中登录用户详细信息。
I am using Spring Security in my application. I need loggedIn user details in the controllers of my application.
为此我使用此代码
User loggedInUser = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
但是在运行此代码时,我得到了classcastexception
But on running this code I get a classcastexception
java.lang.ClassCastException: org.springframework.security.core.userdetails.User cannot be cast to model.User
为了解决这个问题,我提到了这个文章
To fix this I referred to this article
最初我使用了CustomUserServiceDetails类
Initially I used a CustomUserServiceDetails class
@Service("myUserDetailService")
@Transactional
public class CustomUserDetailsService implements UserDetailsService {
private static final Logger logger = Logger.getLogger(CustomUserDetailsService.class);
@Autowired
private UserDAO userDAO;
public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException, DataAccessException {
// returns the get(0) of the user list obtained from the db
User domainUser = userDAO.getUser(name);
logger.debug("User fetched from database in loadUserByUsername method " + domainUser);
Set<Role> roles = domainUser.getRole();
logger.debug("role of the user" + roles);
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
for(Role role: roles){
authorities.add(new SimpleGrantedAuthority(role.getRole()));
logger.debug("role" + role + " role.getRole()" + (role.getRole()));
}
boolean credentialNonExpired = true;
return new org.springframework.security.core.userdetails.User(domainUser.getProfileName(), domainUser.getPassword(), domainUser.isAccountEnabled(),
domainUser.isAccountNonExpired(), credentialNonExpired, domainUser.isAccountNonLocked(),authorities);
}
}
但是在推荐之后在文章中,我从此处删除了GrantedAuthorities的设置,并将其移至我的User类。在我的User类中实现了spring-security UserDetails类
But after referring to the article I removed the setting of GrantedAuthorities from here and moved it to my User class. Implemented spring-security UserDetails class in my User class
现在我的User类中有一个额外的属性
Now I have an extra property in my User class
@Entity
@Table(name = "user")
public class User implements UserDetails {
private Collection<GrantedAuthority> authorities;
带有setMethod
with a setMethod
public void setAuthorities(Set<Role> roles) {
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
for(Role role: roles){
authorities.add(new SimpleGrantedAuthority(role.getRole()));}
}
A。我不知道如何将此属性映射到数据库。现有的User表架构除了它甚至不是基本类型之外,不包含GrantedAuthority列。我正在使用Hibernate进行对象映射。任何人都可以建议我在控制器中获取用户类信息的正确方法吗?
A. I am not sure how to map this property to the database. The existing User table schema doesn't contain a GrantedAuthority column besides It's not even a primitive type. I am using Hibernate for object mapping. Can anyone advice me the correct approach to obtain the user class info in the controllers?
B.我还考虑了扩展spring的User类并重载User类的构造函数的方法。但是每当我在代码中的任何地方初始化我的用户时,我必须提供所有构造函数参数,这些参数根本不好。
B. I also considered the approach of extending the spring's User class and overloading the constructor of my User class. But then every time I initialize my User anywhere in the code I have to provide all the constructors parameters which is not good at all.
推荐答案
修复了问题
解决方案
创建了一个实现Spring的CustomUserDetail类UserDetails接口。在其中注入我的模型User类。
Created a CustomUserDetail class which implements Spring's UserDetails interface. Injected the my model User class in it.
public class CustomUserDetail implements UserDetails{
private static final long serialVersionUID = 1L;
private User user;
Set<GrantedAuthority> authorities=null;
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
public void setAuthorities(Set<GrantedAuthority> authorities)
{
this.authorities=authorities;
}
public String getPassword() {
return user.getPassword();
}
public String getUsername() {
return user.getProfileName();
}
public boolean isAccountNonExpired() {
return user.isAccountNonExpired();
}
public boolean isAccountNonLocked() {
return user.isAccountNonLocked();
}
public boolean isCredentialsNonExpired() {
return user.isCredentialsNonExpired();
}
public boolean isEnabled() {
return user.isAccountEnabled();
}
}
CustomUserServiceDetails
CustomUserServiceDetails
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserDAO userDAO;
public CustomUserDetail loadUserByUsername(String name) throws UsernameNotFoundException, DataAccessException {
// returns the get(0) of the user list obtained from the db
User domainUser = userDAO.getUser(name);
Set<Role> roles = domainUser.getRole();
logger.debug("role of the user" + roles);
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
for(Role role: roles){
authorities.add(new SimpleGrantedAuthority(role.getRole()));
logger.debug("role" + role + " role.getRole()" + (role.getRole()));
}
CustomUserDetail customUserDetail=new CustomUserDetail();
customUserDetail.setUser(domainUser);
customUserDetail.setAuthorities(authorities);
return customUserDetail;
}
}
在我的控制器中方法
CustomUserDetail myUserDetails = (CustomUserDetail) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
Integer userId=myUserDetails.getUser().getUserId(); //Fetch the custom property in User class
这篇关于java.lang.ClassCastException:org.springframework.security.core.userdetails.User无法强制转换为model.User的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!