Hibernate 集成Spring安全性:身份验证自定义UserDetailsService
使用SpringMVC+Hibernate/JPA构建应用程序之后 我想要一个安全的春天 在身份验证过程中,我遇到了一个问题,无法执行查询 这里是我的Security-config.xmlHibernate 集成Spring安全性:身份验证自定义UserDetailsService,hibernate,spring-mvc,jpa,spring-security,Hibernate,Spring Mvc,Jpa,Spring Security,使用SpringMVC+Hibernate/JPA构建应用程序之后 我想要一个安全的春天 在身份验证过程中,我遇到了一个问题,无法执行查询 这里是我的Security-config.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- Activates various annotations to be detected in bean classes -->
<context:annotation-config />
<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
For example @Controller and @Service. Make sure to set the correct base-package -->
<context:component-scan base-package="com.pfe.*" />
<security:global-method-security pre-post-annotations="enabled"></security:global-method-security>
<security:http auto-config="true" use-expressions="true">
<security:session-management invalid-session-url="/login?time=1">
<security:concurrency-control max-sessions="1" expired-url="/login?time=1"/>
</security:session-management>
<security:form-login
login-page="/login"
login-processing-url="/login.do"
default-target-url="/home"
always-use-default-target="true"
authentication-failure-url="/login?error=true"
username-parameter="username"
password-parameter="password"/>
<security:logout
logout-url="/logout"
logout-success-url="/login?out=true"
delete-cookies="JSESSIONID"
invalidate-session="true"/>
<security:intercept-url pattern="/login*" access="permitAll"/>
<security:intercept-url pattern="/home*" access="permitAll"/>
</security:http>
<bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<constructor-arg name="strength" value="10" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="loginService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>
跟踪:
20:15:40,401 DEBUG LogicalConnectionImpl:3794 - Obtaining JDBC connection
20:15:40,401 DEBUG DriverManagerDataSource:162 - Creating new JDBC DriverManager Connection to [jdbc:mysql://localhost:3306/mybd?useUnicode=yes&characterEncoding=UTF-8]
20:15:40,409 DEBUG LogicalConnectionImpl:3794 - Obtained JDBC connection
20:15:40,409 DEBUG JdbcTransaction:3554 - initial autocommit status: true
20:15:40,409 DEBUG JdbcTransaction:3554 - disabling autocommit
20:15:40,410 DEBUG ExtendedEntityManagerCreator$ExtendedEntityManagerInvocationHandler:423 - Starting resource local transaction on application-managed EntityManager [org.hibernate.ejb.EntityManagerImpl@ded21c]
20:15:40,411 DEBUG ExtendedEntityManagerCreator$ExtendedEntityManagerInvocationHandler:400 - Joined local transaction
20:15:40,441 DEBUG QueryTranslatorImpl:3799 - parse() - HQL: SELECT myuser FROM User myuser where myuser.username =:login
20:15:40,446 DEBUG QueryTranslatorImpl:3554 - --- HQL AST ---
\-[QUERY] Node: 'query'
+-[SELECT_FROM] Node: 'SELECT_FROM'
| +-[FROM] Node: 'FROM'
| | \-[RANGE] Node: 'RANGE'
| | +-[IDENT] Node: 'User'
| | \-[ALIAS] Node: 'myuser'
| \-[SELECT] Node: 'SELECT'
| \-[IDENT] Node: 'myuser'
\-[WHERE] Node: 'where'
\-[EQ] Node: '='
+-[DOT] Node: '.'
| +-[IDENT] Node: 'myuser'
| \-[IDENT] Node: 'username'
\-[COLON] Node: ':'
\-[IDENT] Node: 'login'
20:15:40,446 DEBUG ErrorCounter:3794 - throwQueryException() : no errors
20:15:40,474 DEBUG HqlSqlBaseWalker:3809 - select << begin [level=1, statement=select]
20:15:40,487 DEBUG JpaTransactionManager:843 - Initiating transaction rollback
20:15:40,488 DEBUG JpaTransactionManager:488 - Rolling back JPA transaction on EntityManager [org.hibernate.ejb.EntityManagerImpl@1060d0]
20:15:40,488 DEBUG AbstractTransactionImpl:3554 - rolling back
20:15:40,488 DEBUG JdbcTransaction:3554 - rolled JDBC Connection
20:15:40,489 DEBUG JdbcTransaction:3554 - re-enabling autocommit
20:15:40,492 DEBUG AbstractTransactionImpl:3554 - rolling back
20:15:40,493 DEBUG JdbcTransaction:3554 - rolled JDBC Connection
20:15:40,493 DEBUG JdbcTransaction:3554 - re-enabling autocommit
20:15:40,493 DEBUG JpaTransactionManager:548 - Closing JPA EntityManager [org.hibernate.ejb.EntityManagerImpl@1060d0] after transaction
20:15:40,494 DEBUG EntityManagerFactoryUtils:328 - Closing JPA EntityManager
20:15:40,494 DEBUG LogicalConnectionImpl:3794 - Releasing JDBC connection
20:15:40,494 DEBUG LogicalConnectionImpl:3794 - Released JDBC connection
20:15:40,496 DEBUG DefaultListableBeanFactory:246 - Returning cached instance of singleton bean 'org.springframework.security.core.session.SessionRegistryImpl#0'
20:15:40,496 DEBUG UsernamePasswordAuthenticationFilter:340 - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: org.hibernate.hql.internal.ast.QuerySyntaxException: User is not mapped [SELECT myuser FROM User myuser where myuser.username =:login]
20:15:40,496 DEBUG UsernamePasswordAuthenticationFilter:341 - Updated SecurityContextHolder to contain null Authentication
20:15:40,496 DEBUG UsernamePasswordAuthenticationFilter:342 - Delegating to authentication failure handlerorg.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@1760a96
20:15:40,497 DEBUG SimpleUrlAuthenticationFailureHandler:67 - Redirecting to /login?error=true
根据日志,它不是停止,而是引发异常。日志状态为:
20:15:40,496 DEBUG UsernamePasswordAuthenticationFilter:340 - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: org.hibernate.hql.internal.ast.QuerySyntaxException: User is not mapped [SELECT myuser FROM User myuser where myuser.username =:login]
具体而言:
QuerySyntaxException:未映射用户[从用户中选择myuser
myuser其中myuser.username=:login]
我猜您是想在查询中使用UserModel,而不是User。具体而言,您应该在UserRepository中使用以下内容:
TypedQuery<UserModel> query = em.createQuery("SELECT myuser FROM UserModel myuser where myuser.username =:login",UserModel.class);
根据日志,它不是停止,而是引发异常。日志状态为:
20:15:40,496 DEBUG UsernamePasswordAuthenticationFilter:340 - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: org.hibernate.hql.internal.ast.QuerySyntaxException: User is not mapped [SELECT myuser FROM User myuser where myuser.username =:login]
具体而言:
QuerySyntaxException:未映射用户[从用户中选择myuser
myuser其中myuser.username=:login]
我猜您是想在查询中使用UserModel,而不是User。具体而言,您应该在UserRepository中使用以下内容:
TypedQuery<UserModel> query = em.createQuery("SELECT myuser FROM UserModel myuser where myuser.username =:login",UserModel.class);
你能详细说明你遇到的问题吗?不执行查询是什么意思?发生了什么事?你预计会发生什么?你得到结果了吗?如果可以的话,你会得到stacktrace吗?我既没有结果也没有错误,它停在这一行'TypedQuery query=em.createQuerySELECT myuser FROM User myuser where myuser.username=:login,UserModel.class;query.setParameterlogin,用户名;'如果为Hibernate启用调试日志记录,此时在日志中会看到什么?你确定它不是很慢吗?如果没有正确配置日志记录,您是否看到任何hibernate日志记录?请发布hibernate日志。如果将查询的创建更改为为为其他域对象创建查询,会发生什么情况?UserModel看起来像什么?你能详细说明一下你遇到的问题吗?不执行查询是什么意思?发生了什么事?你预计会发生什么?你得到结果了吗?如果可以的话,你会得到stacktrace吗?我既没有结果也没有错误,它停在这一行'TypedQuery query=em.createQuerySELECT myuser FROM User myuser where myuser.username=:login,UserModel.class;query.setParameterlogin,用户名;'如果为Hibernate启用调试日志记录,此时在日志中会看到什么?你确定它不是很慢吗?如果没有正确配置日志记录,您是否看到任何hibernate日志记录?请发布hibernate日志。如果将查询的创建更改为为为其他域对象创建查询,会发生什么情况?UserModel看起来像什么?谢谢!!我是初学者:@LhbLaura没问题。如果您不喜欢手动操作JPA,您可以考虑使用Spring Data JPA,它将使用一些约定自动创建查询,包括分页、排序和自定义属性。如果您正在做REST,您还可以添加一个简单的注释,它将作为REST端点与SpringDataREST一起公开,谢谢!!我是初学者:@LhbLaura没问题。如果您不喜欢手动操作JPA,您可以考虑使用Spring Data JPA,它将使用一些约定自动创建查询,包括分页、排序和自定义属性。如果您正在执行REST,还可以添加一个简单的注释,它将作为REST端点与SpringDataREST一起公开
TypedQuery<UserModel> query = em.createQuery("SELECT myuser FROM UserModel myuser where myuser.username =:login",UserModel.class);