【发布时间】:2021-11-21 01:45:09
【问题描述】:
我是弹簧靴的新手。我正在尝试使用 Spring Tool Suite(STS) 中的 userdetailsservice 实现简单的 Spring Boot 安全性。
下面是我使用的控制器:
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class HomeController {
@GetMapping("/")
public String home() {
return("<h1>Welcome</h1>");
}
@GetMapping("/user")
public String user() {
return("<h1>Welcome user</h1>");
}
}
以及Web安全配置代码:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class AppSecureConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/user").hasRole("USER")
.antMatchers("/").permitAll()
.and().formLogin()
.and().logout().permitAll();
}
@Bean
public PasswordEncoder getPasswordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
}
我在 pom.xml 中给出了所有必需的依赖项。
所以,我在 application.propperties 文件中添加了以下行,现在系统没有生成安全密码。
spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration
并且我已经包含了凭据的用户详细信息服务。 下面是用户详细服务类
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class MyuserDetails implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
return new userPrincipal(s);
}
}
和 userPrincipal 类
import java.util.Arrays;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
public class userPrincipal implements UserDetails {
private static final long serialVersionUID = 1L;
private String userName;
public userPrincipal(String userName) {
this.userName = userName;
}
public userPrincipal() {
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
}
@Override
public String getPassword() {
// TODO Auto-generated method stub
return "pass";
}
@Override
public String getUsername() {
// TODO Auto-generated method stub
return userName;
}
@Override
public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
return true;
}
}
现在,当我使用 http://localhost:8081/ url 运行应用程序时,它给出“No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken”。
我正在使用 Spring 工具套件 (STS) 来运行这个项目。有人能指出我在这里做错了什么吗?
【问题讨论】:
-
将
@Configuration添加到您的AppSecureConfig课程中。
标签: java spring spring-boot spring-security rest