Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/angular/27.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 使用spring和angular的JWT身份验证,带有空标头_Java_Angular_Spring Boot - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 使用spring和angular的JWT身份验证,带有空标头

Java 使用spring和angular的JWT身份验证,带有空标头

java angular spring-boot

Java 使用spring和angular的JWT身份验证,带有空标头,java,angular,spring-boot,Java,Angular,Spring Boot,我正在尝试使用SpringBoot和angular进行JWT令牌身份验证。在创建登录承载令牌后,但在JWTAuthorizationFilter中创建之后,我将获得空标头,因此它将返回anonymousUser。请告诉我为什么我得到空标题 SecurityConfig.java @配置 @启用Web安全性 @EnableGlobalMethodSecurity(Prespenabled=true) 公共类SecurityConfig扩展了WebSecurity配置适配器{ @自动连线 专用BCr

我正在尝试使用SpringBoot和angular进行JWT令牌身份验证。在创建登录承载令牌后,但在JWTAuthorizationFilter中创建之后,我将获得空标头,因此它将返回anonymousUser。请告诉我为什么我得到空标题

SecurityConfig.java

@配置
@启用Web安全性
@EnableGlobalMethodSecurity(Prespenabled=true)
公共类SecurityConfig扩展了WebSecurity配置适配器{
@自动连线
专用BCryptPasswordEncoder BCryptPasswordEncoder;
@自动连线
私有CustomUserDetailService CustomUserDetailService;
@豆子
公共BCryptPasswordEncoder BCryptPasswordEncoder(){
返回新的BCryptPasswordEncoder();
}
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
http。
cors().configurationSource(请求->新建CORSCOConfiguration().applyPermitDefaultValues())
.and().csrf().disable()
.授权请求()
.antMatchers(“/**”).permitAll()
.antMatchers(“/manage/**”).hasRole(“ADMIN”)
.antMatchers(“/”).hasRole(“用户”)
.及()
.例外处理()
.accessDeniedPage(“/access denied”)
.及()
.addFilter(新的JWTAuthenticationFilter(authenticationManager()))
.addFilter(新的JWTAuthorizationFilter(authenticationManager(),customUserDetailService));
}
@凌驾
受保护的无效配置(AuthenticationManagerBuilder auth)引发异常{
auth.userDetailsService(customUserDetailService).passwordEncoder(新
BCryptPasswordEncoder());
}
}
JWTAuthenticationFilter.java

公共类JWTAuthenticationFilter扩展了UsernamePasswordAuthenticationFilter{
私人AuthenticationManager AuthenticationManager;
公共JWTAuthenticationFilter(AuthenticationManager AuthenticationManager){
this.authenticationManager=authenticationManager;
}
@凌驾
公共身份验证尝试身份验证(HttpServletRequest请求、HttpServletResponse响应)引发AuthenticationException{
试一试{
UserDetail user=newObjectMapper().readValue(request.getInputStream(),UserDetail.class);
返回此文件。authenticationManager
.authenticate(新用户名PasswordAuthenticationToken(user.getEmail(),user.getPassword());
}捕获(IOE异常){
抛出新的运行时异常(e);
}
}
@凌驾
受保护的void successfulAuthentication(HttpServletRequest请求,
HttpServletResponse,
过滤链,
身份验证authResult)引发IOException、ServletException{
字符串用户名=((org.springframework.security.core.userdetails.User)authResult.getPrincipal()).getUsername();
字符串标记=Jwts
.builder()
.setSubject(用户名)
.setExpiration(新日期(System.currentTimeMillis()+到期时间))
.signWith(SignatureAlgorithm.HS512,秘密)
.compact();
字符串bearerToken=令牌\前缀+令牌;
System.out.println(bearerToken);
response.getWriter().write(bearerToken);
addHeader(HEADER\u字符串,bearerToken);
}
}
JWTAuthorizationFilter.java

公共类JWTAuthorizationFilter扩展了基本身份验证筛选器{
私有最终CustomUserDetailService CustomUserDetailService;
公共JWTAuthorizationFilter(AuthenticationManager AuthenticationManager,CustomUserDetailService CustomUserDetailService){
超级(认证经理);
this.customUserDetailService=customUserDetailService;
}
@凌驾
受保护的无效doFilterInternal(HttpServletRequest请求,
HttpServletResponse,
FilterChain链)抛出IOException、ServletException{
stringheader=request.getHeader(header\u字符串);
if(header==null | |!header.startsWith(标记前缀)){
链式过滤器(请求、响应);
返回;
}
UsernamePasswordAuthenticationToken authenticationToken=getAuthenticationToken(请求);
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
链式过滤器(请求、响应);
}
私有用户名PasswordAuthenticationToken getAuthenticationToken(HttpServletRequest请求){
字符串标记=request.getHeader(HEADER\u字符串);
if(token==null)返回null;
字符串username=Jwts.parser().setSigningKey(机密)
.parseClaimsJws(标记.replace(标记前缀“”))
.getBody()
.getSubject();
UserDetails UserDetails=customUserDetailService.loadUserByUsername(用户名);
返回用户名!=null?
新的UsernamePasswordAuthenticationToken(userDetails,null,userDetails.getAuthories())
:null;
}
}
CustomUserDetailService.java

@组件
公共类CustomUserDetailService实现UserDetailsService{
私人名单角色;
@自动连线
私有UserDAO UserDAO;
/*
*@Autowired public CustomUserDetailService(UserRepository-UserRepository){
*this.userRepository=userRepository;}
*/
@凌驾
public UserDetails loadUserByUsername(字符串用户名)引发UsernameNotFoundException{
User=Optional.o

 

 Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJidW50QGdtYWlsLmNvbSIsImV4cCI6MTU5NjExMjcwM30.fBFMDO--8Q_56LT_qbioiT6p3BOxk3L9OrPVTw5EGbf7oJ0ky7W7PuahIYcdjYSL6-OsHY6qq8tPEetlJO7nEg

auth ===org.springframework.security.authentication.AnonymousAuthenticationToken@823df96a: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS