java - 如何在 Spring Security 中将 PasswordEncoder 添加到 JdbcUserDetailsManager 中?
问题描述
我正在学习 Spring Security,我想在 JdbcUserDetailsManager 中添加 BCryptPasswordEncoder。
这是代码:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
@Autowired
public UserDetailsManager userDetailsManager(DataSource securityDataSource) {
JdbcUserDetailsManager jdbcUserDetailsManager = new JdbcUserDetailsManager();
jdbcUserDetailsManager.setDataSource(securityDataSource);
return jdbcUserDetailsManager;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").hasRole("EMPLOYEE")
.antMatchers("/leaders/**").hasRole("MANAGER")
.antMatchers("/systems/**").hasRole("ADMIN")
.and()
.formLogin()
.loginPage("/showMyLoginPage")
.loginProcessingUrl("/authenticateTheUser")
.permitAll()
.and()
.logout().permitAll()
.and()
.exceptionHandling().accessDeniedPage("/access-denied");
}
}
我需要将 UserDetailsManager bean 注入其他类。谢谢!
解决方案
你应该使用这个类来创建 UserDetails Bean
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService{
static final Logger logger = LoggerFactory.getLogger(CustomUserDetailsService.class);
@Autowired
private com.fortsolution.schedmate.data.services.UserService userService;
@Transactional(readOnly=true)
public UserDetails loadUserByUsername(String ssoId)
throws UsernameNotFoundException {
System.out.println("fine here murtaza");
int id = Integer.parseInt(ssoId);
User user = userService.findById(id);
logger.info("User : {}", user);
if(user==null){
logger.info("User not found");
throw new UsernameNotFoundException("Username not found");
}
return new org.springframework.security.core.userdetails.User(""+user.getId(), user.getPassword(),
true, true, true, true, getGrantedAuthorities(user));
}
private List<GrantedAuthority> getGrantedAuthorities(User user){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for(UserProfile userProfile : user.getUserProfiles()){
logger.info("UserProfile : {}", userProfile);
authorities.add(new SimpleGrantedAuthority("ROLE_"+userProfile.getType()));
}
return authorities;
}
}
创建此类后,您将在您的
@Autowired
@Qualifier("customUserDetailsService")
UserDetailsService userDetailsService;
@Override
@Autowired // <-- This is crucial otherwise Spring Boot creates its own
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
auth.authenticationProvider(authenticationProvider());
}
和
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(passwordEncoder());
return authenticationProvider;
}
推荐阅读
- java - 无法使用 Spring Boot 应用程序配置 XRay
- mongodb - 从 set mongodb 中的查找中删除项目的字段
- python - 芹菜如何将处理结果列表传递给另一个任务?
- intellij-idea - 如何仅将 WebStorm FileWatcher 用于当前文件
- python - yFinance:.download / .history 函数只提供从下午 1 点到晚上 7 点的数据(Python)
- swift - 解析大型 Firebase 快照
- javascript - Firestore 慢查询导致整个逻辑崩溃
- c - 在 C 中创建数据结构
- virus - 我们在 QNAP NAS 上使用 ResilioSync,而我们的一个 NAS 被 QLocker 勒索软件攻击,我们该怎么办?
- typescript - 使用 Prisma 2 和 NestJS 进行日志记录 - 依赖注入问题?