java - 面临SpringBoot Security模块登录错误

Question

我正在创建具有登录功能的 Spring Boot 基本应用程序。

我的登录功能无法正常工作并生成以下调试日志。

2019-09-26 14:50:01.262 DEBUG 3720 --- [nio-8080-exec-4] o.s.b.w.f.OrderedRequestContextFilter    : Bound request context to thread: org.apache.catalina.connector.RequestFacade@6deb15fd
2019-09-26 14:50:01.277 DEBUG 3720 --- [nio-8080-exec-4] o.s.b.w.f.OrderedRequestContextFilter    : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@6deb15fd

下面是我的 Controller 类代码。

package com.sourabh.app.controller;
import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;    
import com.sourabh.app.repository.SpringJava4sDAO;
import com.sourabh.model.Customer;

@RestController
public class MainAppController {

    @Autowired
    public SpringJava4sDAO dao;

    @RequestMapping("/")
    public String welcome() {
        return "Welcome to Sring boot application";
    }

        @RequestMapping("/userlogin")
        public String userValidation() {
            return "User: Successfully logged in!";
        }

        @RequestMapping("/adminlogin")
        public String adminValidation() {
            return "Admin: Successfully logged in!";
        }
}

下面是我的 SpringSecurityConfig 类代码

package com.sourabh.app.configs;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    // Authentication : set user/password details and mention the role
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().passwordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance())
            .withUser("user").password("pass").roles("USER")
            .and()
            .withUser("admin").password("pass").roles("USER", "ADMIN");
    }

    // Authorization : mention which role can access which URL
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic().and().authorizeRequests()
            .antMatchers("/userlogin").hasRole("USER")
            .antMatchers("/adminlogin").hasRole("ADMIN")
            .and()
            .csrf().disable().headers().frameOptions().disable();
    }
}

添加的依赖项是pom.xml

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

启动驱动类代码

package com.sourabh.app;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.support.SpringBootServletInitializer;

@SpringBootApplication
public class MainApp extends SpringBootServletInitializer {

    public static void main(String[] args) {
        SpringApplication.run(MainApp.class, args);

    }

    @Override
    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
        return application.sources(MainApp.class);
    }
}

我错过了什么，或者犯了什么错误吗？

注意:- dao 和 model 不包含在问题中，因为它们不是登录过程的一部分。 登录弹出窗口即将出现，但其授权使用r。

Answer 1

您缺少@Configuration。您的配置类应按如下所示进行注释。

@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter
{
...
}