Spring 安全 UserDetailsService 不起作用 [英] Spring security UserDetailsService not working
问题描述
好的,我希望你能帮助我,这是我最后一次尝试.我对这个春季安全世界很陌生,我无法让它发挥作用.我尝试了很多东西,学习了很多教程,但一无所获.
Ok guys, I hope you can help me, this is my last attempt. I am quite new to this spring security world and I cant get this to work. I tried many things, followed many tutorials and nothing.
问题如您在标题中所见,使自定义用户详细信息服务起作用.它只是没有登录,似乎没有调用 customuserdetailsservice,因为 sysouts 没有显示在控制台中...
The problem is as you saw in the title, make a custom user details service to work. It just not logs in, It appears that the customuserdetailsservice is not being called, as the sysouts are not showing in the console...
它作为一种魅力在内存功能中具有弹簧安全性.以下是我的代码.
It works as a charm with spring security in memory features. Below are my codes.
Spring 安全配置:
Spring Security Config:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//auth.inMemoryAuthentication().withUser("ram").password("ram123").roles("ADMIN");
auth.userDetailsService(userDetailsService).passwordEncoder(passwordencoder());
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/bower_components/**", "/resources/**", "/img/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().and().csrf().disable()
.authorizeRequests()
.antMatchers("/", "/home", "/call").permitAll() // #4
.antMatchers("/resource", "/video").hasRole("USER") // #6
.anyRequest().authenticated();
}
@Bean(name="passwordEncoder")
public PasswordEncoder passwordencoder(){
return new BCryptPasswordEncoder();
}
}
自定义用户详细信息服务
CustomUserDetailsService
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService{
private UserService userService;
@Override
public UserDetails loadUserByUsername(String ssoId)
throws UsernameNotFoundException {
User user = userService.findByUsername(ssoId);
System.out.println("User : "+user);
if(user==null){
System.out.println("User not found");
throw new UsernameNotFoundException("Username not found");
}
return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(),
user.isEnabled(), true, true, true, getGrantedAuthorities(user));
}
private List<GrantedAuthority> getGrantedAuthorities(User user){
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority(user.getRole()));
System.out.print("authorities :"+authorities);
return authorities;
}
}
初始化类
@SpringBootApplication
@EnableWebSocket
public class One2OneCallApp implements WebSocketConfigurer {
@Bean
public CallHandler callHandler() {
return new CallHandler();
}
@Bean
public UserRegistry registry() {
return new UserRegistry();
}
@Bean
public KurentoClient kurentoClient() {
return KurentoClient.create();
}
@Bean
public UiApplication uiApplication(){
return new UiApplication();
}
@Bean
public CustomUserDetailsService customUserDetailsService(){
return new CustomUserDetailsService();
}
@Bean
public SecurityConfig securityConfig(){
return new SecurityConfig();
}
@Bean
public EncryptPassword encryptPassword(){
return new EncryptPassword();
}
@Override
public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
registry.addHandler(callHandler(), "/call");
}
public static void main(String[] args) throws Exception {
System.out.println("Iniciando");
new SpringApplication(One2OneCallApp.class).run(args);
}
}
我还测试了与数据库的通信,它运行良好.我正在寻求任何帮助.抱歉英语不好.谢谢大家!
I've also tested the communication with the database and it works perfectly fine. I'm seeking any help. Sorry for bad English. Thank you all!
在下面回答了我自己的问题.
Answered my own question down below.
推荐答案
我最终只为了我必须做的演示而使用内置的内存验证.我认为我的问题与 spring boot 和应用程序中的初始化有关.
I ended up staying with the built in memory anthentication just for the presentation I had to do. I think my problem had to do with something in spring boot and the initialization in my application.
这篇关于Spring 安全 UserDetailsService 不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
