在 Spring Boot 中配置 JDBC 身份验证 [英] Configure JDBC Authentication in Spring Boot
问题描述
目标:使用默认安全配置将 jdbc 身份验证添加到 Spring Boot.
Goal: Add jdbc authentication to spring boot with default security configurations.
来源可以在这里
通过将 AuthenticationManagerBuilder 自动装配到您的 @Configuration 类之一中的方法来配置全局 AuthenticationManager
configure the global AuthenticationManager by autowiring an AuthenticationManagerBuilder into a method in one of your @Configuration classes
和 Spring Security Docs 示例:
@Autowired
private DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.jdbcAuthentication()
.dataSource(dataSource)
.withDefaultSchema()
.withUser("user").password("password").roles("USER").and()
.withUser("admin").password("password").roles("USER", "ADMIN");
}
鉴于上述情况,添加了以下内容(在这里找到):
Given the above, added the following (found here):
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig {
@Autowired
private DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication()
.dataSource(dataSource)
.withDefaultSchema()
.withUser("user").password("password").roles("ROLE_USER").and()
.withUser("admin").password("password").roles("ROLE_USER", "ROLE_ADMIN");
}
}
导致错误:
java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.authentication.configurers.provisioning.JdbcUserDetailsManagerConfigurer@13404f75 to already built object
再往上看,我们可以看到自动配置在不应该做的时候做它的事情:
and further up the logs, we can see the auto config doing it's thing when it shouldn't be:
2016-02-02 22:52:48.047 DEBUG 30487 --- [ost-startStop-1] eGlobalAuthenticationAutowiredConfigurer : Eagerly initializing {org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration=org.springframework.boot.autoconfigure.security.SpringBootWebSecurityConfiguration$$EnhancerBySpringCGLIB$$627430a8@78acaa86}
2016-02-02 22:52:48.074 DEBUG 30487 --- [ost-startStop-1] .s.BootGlobalAuthenticationConfiguration : Eagerly initializing {user=com.msyla.usergreeter.user.User$$EnhancerBySpringCGLIB$$3cd414fd@73128671, coreConfig=com.msyla.usergreeter.user.core.config.CoreConfig$$EnhancerBySpringCGLIB$$30c07250@6ed3c66b}
2016-02-02 22:52:48.095 INFO 30487 --- [ost-startStop-1] b.a.s.AuthenticationManagerConfiguration :
Using default security password: 5b33158f-156d-43f4-892f-6c452f15e1cc
问题:这里所要求的只是具有默认引导配置,但用户的存储位置除外,jdbc 而不是内存.我做错了吗?文档错了吗?我尝试了其他几条路线都无济于事.
Question: All that is being asked here is to have default boot configurations with the exception of where the user is being stored, jdbc instead of in memory. Am I doing it incorrectly? Are the docs wrong? I have tried several other routes to no avail.
提前致谢!
推荐答案
经过大量工作,我回想起如何正确使用 spring,也就是逐步检查他们的代码以更好地理解手术式地解决我的需求.通过一些调查,确定需要修改/扩展的类.结果:
After much work, I recalled how to properly work with spring, that is to step through their code to get a better understanding in surgically addressing my needs. With some investigation, determined the class in need of modification/extension. Resulting in:
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class AuthenticationManagerConfig extends GlobalAuthenticationConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource);
}
}
以上将指示 spring 通过 jdbc 查找,同时保持其他所有自动配置.
The above will instruct spring to look up via jdbc while keeping everthing else auto configured.
这篇关于在 Spring Boot 中配置 JDBC 身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!