个人中心
gpt4 book ai didi

java - 为什么我的登录不起作用? Spring 安全

转载 作者:行者123 更新时间:2023-12-01 17:51:13 24 4
gpt4 key购买 nike

我正在学习 Spring MVC 并尝试在我的应用程序中实现 Spring Security。我已经创建了自定义登录并尝试使用自定义登录表单进行登录。当我运行应用程序时,登录页面正确显示,但输入用户名和密码后它不起作用。提交登录表单正在调用相同的登录页面,但 URL 错误。

我的用户详细信息服务:

@Service
public class CustomUserDetailsService implements UserDetailsService {
    @Autowired
    private UserService userService;

    @Transactional
    @Override
    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
        User user = userService.getUserByEmail(email);
        if (user != null) {
            List<GrantedAuthority> authorities = getUserAuthority(user.getRoles());
            return buildUserForAuthentication(user, authorities);
        } else {
            throw new UsernameNotFoundException("user with email " + email + " does not exist.");
        }
    }

    private List<GrantedAuthority> getUserAuthority(Set<Role> userRoles) {
        Set<GrantedAuthority> roles = new HashSet<>();
        userRoles.forEach((role) -> {
            roles.add(new SimpleGrantedAuthority(role.getName()));
        });
        return new ArrayList<GrantedAuthority>(roles);
    }

    private UserDetails buildUserForAuthentication(User user, List<GrantedAuthority> authorities) {
        return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), authorities);
    }
}



Web安全配置

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Qualifier("customUserDetailsService")
    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(bCryptPasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/profile").authenticated()
                .anyRequest().permitAll()
                .and()
                .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/", true)
                .permitAll()
                .and()
                .httpBasic()
                .and()
                .csrf().disable()
                .logout()
                .logoutSuccessUrl("/");
    }
}



用户类别:

@Entity
@Table(name = "users")
public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;
    private String email;
    private String password;
    private String firstName;
    private String lastName;
    private String joinedDate;
    @Embedded
    @AttributeOverrides({
            @AttributeOverride( name = "country", column = @Column(name = "country")),
            @AttributeOverride( name = "city", column = @Column(name = "city")),
            @AttributeOverride( name = "zipCode", column = @Column(name = "zip_code")),
            @AttributeOverride( name = "street", column = @Column(name = "street")),
            @AttributeOverride( name = "homeNumber", column = @Column(name = "home_number"))
    })
    private Address address;
    private String phoneNumber;
    @ManyToMany
    private Set<Role> roles = new HashSet<Role>();

GETTERS AND SETTERS

用户服务:

@Service
@Transactional
public class UserServiceImpl implements UserService {
    @Autowired
    private UserRepository userRepository;
    @Autowired
    private PasswordEncoder bCryptPasswordEncoder;
    @Autowired
    private RoleRepository roleRepository;

    @Override
    public User getUserByEmail(String email) {
        return userRepository.findByEmail(email);
    }

    @Override
    public User addUser(UserRegistrationDto user) throws EmailExistsException {
        if (checkEmailExists(user.getEmail())) {
            throw new EmailExistsException("There is an account with that email adress: " + user.getEmail());
        } else {
            User userObject = new User();
            userObject.setEmail(user.getEmail());
            userObject.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
            userObject.setFirstName(user.getFirstName());
            userObject.setLastName(user.getLastName());
            userObject.setPhoneNumber(user.getPhoneNumber());
            userObject.setAddress(user.getAddress());
            userObject.setJoinedDate(DateUtils.todayStr());
            userObject.setRoles(new HashSet<>(roleRepository.findAll()));
            userRepository.save(userObject);
            return userObject;
        }
    }

    @Override
    public void updateUser(String email, User userUpdate) {
        User toUpdate = userRepository.findByEmail(email);
        if(toUpdate.getEmail().equals(userUpdate.getEmail())){
            userRepository.save(userUpdate);
        }
    }

    private boolean checkEmailExists(String email) {
        User user = null;
        user = userRepository.findByEmail(email);

        if (user != null) {
            return true;
        } else {
            return false;
        }
    }
}



在表单中输入数据后,会出现数据库查询。 UserDetailsS​​ervice 也不会抛出找不到用户的错误。那么错误可能出在哪里呢?

最佳答案

乍一看,您不应该在“CustomUserDetailsS​​ervice”类中注入(inject) UserServiceDAO 而不是 UserService 吗?

关于java - 为什么我的登录不起作用? Spring 安全,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60792992/

24 4 0
文章推荐: clojure - 我可以在 Clojure 中混合后置条件和递归函数吗?
文章推荐: Java XML - 将字符转换为实体
文章推荐: ios - UINavigationBar 水平位置
文章推荐: java - Java Spring 中使用 @OneToMany 关系发生奇怪的开始
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com