【发布时间】:2017-06-14 11:05:39
【问题描述】:
this tutorial 导致的问题。
我的问题是我总是遇到我的用户被从数据库中读取但我没有获得身份验证的问题。在视图上,它总是显示错误消息“无效的用户名或密码”。我的控制台输出显示没有错误。当我通过身份验证过程进行调试时,没有不清楚的行为可能来自错误。
在我的 pom.xml 中,我使用了以下依赖项。
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
</dependencies>
我的 CustomUserDetailsService.java 看起来像这样。
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
private final UserRepository userRepository;
private final UserRolesRepository userRolesRepository;
@Autowired
public CustomUserDetailsService(UserRepository userRepository,
UserRolesRepository userRolesRepository) {
this.userRepository = userRepository;
this.userRolesRepository = userRolesRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userRepository.findByUserName(username);
if (user == null) {
throw new UsernameNotFoundException("No user present with username " + username);
}
else {
List<String> userRoles = userRolesRepository.findRoleByUserName(username);
return new CustomUserDetails(user, userRoles);
}
}
}
CustomUserDetails.java
public class CustomUserDetails extends User implements UserDetails {
private static final long serialVersionUID = 1L;
private List<String> userRoles;
public CustomUserDetails(User user, List<String> userRoles) {
super(user);
this.userRoles = userRoles;
}
@Override
public Collection< ? extends GrantedAuthority> getAuthorities() {
String roles = StringUtils.collectionToCommaDelimitedString(userRoles);
return AuthorityUtils.commaSeparatedStringToAuthorityList(roles);
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
}
WebSecurityConfig.java
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordencoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home", "/images/**", "/css/**", "/js/**", "/loadEvents")
.permitAll().anyRequest().authenticated().and().formLogin().loginPage("/login")
.permitAll().and().logout().permitAll();
}
@Bean(name = "passwordEncoder")
public PasswordEncoder passwordencoder() {
return new BCryptPasswordEncoder();
}
}
正如我之前提到的,我认为错误不会发生在数据库上。我使用了教程之外的数据库方案。我还使用了 User.java UserRole.java 和教程中的两个存储库。
我的 Application.java 看起来像这样。
@SpringBootApplication
@EnableJpaRepositories(basePackages = "<package>")
@EntityScan(basePackages = "<package>")
public class Application {
public static void main(String[] args) throws Throwable {
SpringApplication.run(Application.class, args);
}
}
更新 1:链接到 Git 项目 https://github.com/pStuetz/Speeddating4SO/tree/master
您可能需要编辑 src/main/resources/application.properties 以支持您的数据库。我包含了用于创建数据库表的 sql 脚本。
【问题讨论】:
-
您能分享您的源代码吗?给定教程中的应用程序无法正常运行,它抱怨缺少页面等。
-
感谢您的回复我已将链接添加到 git 项目。
标签: mysql spring spring-mvc spring-boot spring-security