Warning: file_get_contents(/data/phpspider/zhask/data//catemap/5/spring-mvc/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Spring安全性-未调用自定义UserDetails服务实现_Java_Spring Mvc_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Spring安全性-未调用自定义UserDetails服务实现

Java Spring安全性-未调用自定义UserDetails服务实现

java spring-mvc spring-security

Java Spring安全性-未调用自定义UserDetails服务实现,java,spring-mvc,spring-security,Java,Spring Mvc,Spring Security,尝试使用自定义userDetailsService学习spring安全性,并面临以下问题 当访问受限页面(/admin或/user)时,spring security将启动并显示登录页面。 但是在使用正确的用户名和密码提交登录页面后,在调用自定义UserDetails服务实现中的loadUserByUsername方法之前,会直接显示拒绝访问页面 在日志中,只有org.springframework.security.access.AccessDeniedException异常-在访问受限页面时

尝试使用自定义userDetailsService学习spring安全性,并面临以下问题

当访问受限页面(/admin或/user)时,spring security将启动并显示登录页面。
但是在使用正确的用户名和密码提交登录页面后,在调用自定义UserDetails服务实现中的loadUserByUsername方法之前,会直接显示拒绝访问页面

在日志中,只有
org.springframework.security.access.AccessDeniedException
异常-在访问受限页面时,没有其他异常

代码

安全配置:

CustomUserDetailsService

@服务
公共类CustomUserDetailsService实现UserDetailsService{
私有用户存储库用户存储库;;
@事务(只读=真)
@凌驾
公共用户详细信息loadUserByUsername(字符串用户名)
抛出UsernameNotFoundException{
System.out.println(“loadUserByUsername被调用”);
试一试{
com.krishnan.balaji.mc.model.User domainUser=userRepository
.getUserByUserName(用户名);
布尔启用=真;
布尔值accountNonExpired=true;
布尔CredentialsNoExpired=true;
布尔值accountNonLocked=true;
返回新用户(domainUser.getUsername(),domainUser.getPassword())
.toLowerCase(),已启用,AccountNoExpired,
凭证未过期,账户未锁定,
GetAuthories(domainUser.getRole().getRole());
}捕获(例外e){
抛出新的运行时异常(e);
}
}

公共集合在您的
http
的Spring安全配置中,您应该更改以下内容:


default-target-url="/abcd"


差不多


default-target-url="/"


或者你定义的其他任何东西


    

  • default target url
    定义登录过程中的默认位置
    • 

  • 确保定义从最具体到最通用的所有必要的
    • 

也尝试将其更改为/home。。无论如何,这只有在登录过程成功的情况下才会发生-在我的情况下,甚至没有调用UserDetails服务

<!--<form class="login-form" action=<c:url value="j_spring_security_check"/> method="post" >-->
<form action=<c:url value="/login"/> method="post" >
            <input id="j_username" name="tmp_usrnm" size="20" maxlength="50" type="text"/>
            <input id="j_password" name="tmp_pwd" size="20" maxlength="50" type="password"/>
            <p><input type="submit" value="Login"/></p>
</form> 



@Controller
public class UserAccessController {

    @RequestMapping("/login")
    public String login(Model model, @RequestParam(required=false) String message) {
        model.addAttribute("message", message);
        System.out.println("serving login page");
        return "access/login";
    }

    @RequestMapping(value = "/denied")
    public String denied() {
        System.out.println("serving access denied page");
        return "access/denied";
    }

    @RequestMapping(value = "/login/failure")
    public String loginFailure() {
        System.out.println("serving failed login page");
        String message = "Login Failure!";
        return "redirect:/login?message="+message;
    }

    @RequestMapping(value = "/logout/success")
    public String logoutSuccess() {
        System.out.println("serving logout page");
        String message = "Logout Success!";
        return "redirect:/login?message="+message;
    }
}



@Service
public class CustomUserDetailsService implements UserDetailsService {

    private UserRepository userRepository;;

    @Transactional(readOnly = true)
    @Override
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException {
        System.out.println("loadUserByUsername called");
        try {
            com.krishnan.balaji.mc.model.User domainUser = userRepository
                    .getUserByUserName(username);

            boolean enabled = true;
            boolean accountNonExpired = true;
            boolean credentialsNonExpired = true;
            boolean accountNonLocked = true;

            return new User(domainUser.getUsername(), domainUser.getPassword()
                    .toLowerCase(), enabled, accountNonExpired,
                    credentialsNonExpired, accountNonLocked,
                    getAuthorities(domainUser.getRole().getRole()));

        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
        List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
        return authList;
    }

    public List<String> getRoles(Integer role) {
        List<String> roles = new ArrayList<String>();

        if (role.intValue() == 1) {
            roles.add("ROLE_USER");
            roles.add("ROLE_ADMIN");

        } else if (role.intValue() == 2) {
            roles.add("ROLE_USER");
        }

        return roles;
    }

    public static List<GrantedAuthority> getGrantedAuthorities(
            List<String> roles) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }

    public UserRepository getUserRepository() {
        return userRepository;
    }

    public void setUserRepository(UserRepository userRepository) {
        this.userRepository = userRepository;
    }

}



default-target-url="/abcd"



default-target-url="/"