java - 在 Spring Security 中配置记住我功能
问题描述
RememberMeConfigurer 通过调用它的方法 loadUserByUsername() 来使用 UserDetailsService,问题是,我希望它传递用户的电子邮件而不是用户名。它适用于简单登录,但不适用于记住我选项。我怎样才能记住我将电子邮件(不是用户名)传递给 UserDetailsService.loadUserByUsername() 的便利?登录表单:
<form action="login" method="POST" >
<legend>Sing In</legend>
<div class="form-group">
<div class="input-group">
<label class="form-label" for="email">
Email
</label>
<div class="form-input-field">
<input id="email" name="username"
type="text" autocomplete="off"/>
</div>
</div>
</div>
<div class="form-group">
<div class="input-group">
<label class="form-label" for="password">
Password
</label>
<div class="form-input-field">
<input id="password" name="password"
type="password" autocomplete="off" />
</div>
</div>
</div>
<div class="form-group">
<div class="input-group">
<label id="checkbox-label" class="form-label" for="remember">
Remember me
</label>
<div class="form-input-field">
<input id="remember" name="remember"
type="checkbox" />
</div>
</div>
<div id="submit-button">
<input type="submit" value="Sign In" />
</div>
</form>
网络安全配置:
@Override
public void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.formLogin()
.loginPage("/login")
.permitAll()
.defaultSuccessUrl("/account")
.and()
.rememberMe()
.key("rem-me-key")
.userDetailsService(userDetailsService)
.rememberMeParameter("remember")
.rememberMeCookieName("rememberMeCookie")
.tokenValiditySeconds(60 * 60 * 24 * 3)
.and()
.logout()
.deleteCookies("JSESSIONID")
.permitAll();
httpSecurity.authorizeRequests()
.mvcMatchers("/admin").hasRole("ADMIN")
.mvcMatchers("/account").hasRole("CUSTOMER")
.mvcMatchers("/cart").hasRole("CUSTOMER")
.anyRequest().permitAll();
httpSecurity.csrf()
.disable();
}
UserDetailsService 实现:
@Service
public class AppUserDetailsService implements UserDetailsService {
private static final Logger log =
LogManager.getLogger(AppUserDetailsService.class.getName());
private AppUserRetrievalRepository appUserRetrievalRepository;
public AppUserDetailsService(
@Autowired
AppUserRetrievalRepository appUserRetrievalRepository) {
this.appUserRetrievalRepository = appUserRetrievalRepository;
}
@Override
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException {
log.info("Trying to load user by name: " + email);
Optional<AppUser> optUser =
appUserRetrievalRepository.getUserByEmail(email);
UserDetails userDetails =
new AppUserDetails(optUser.orElseThrow(
() -> new UsernameNotFoundException(email + " cannot be found") )
);
return userDetails;
}
}
显示问题的日志:~当我使用登录而不记住我选项时:
*** LOG4J *** Trying to load user by name: myEmailAddress@example.com
〜当我使用登录并选中记住我选项时:
*** LOG4J *** Trying to load user by name: cody
解决方案
推荐阅读
- java - JVM如何能够同时处理spring单例代码?
- c# - 从 json 对象检索(反序列化)特定属性到 C# 结构(json 反序列化)
- ruby - 为什么在某些 Linux 机器上会忽略 POSIX 信号?
- versionone - 如何使用 API 在 VersionOne 中检索成员在 TeamRoom 中的参与历史?
- node.js - 尝试通过套接字发送数据时如何识别用户
- c - 互斥锁内的信号量等待
- python - 从 getattr() 获取内存位置
- javascript - Jquery 在从 Webpack 注入后无法在 React 应用程序中全局运行
- python - 无法为 Google 助理生成凭据
- amazon-sqs - 如何找出具有特定 groupId 的所有消息已从 SQS 中的队列中读取?