Java 如何在customAuthenticationProvider中创建主体对象?
我有一个web应用程序,我正在使用spring security。我在securityContext.xml中对身份验证提供程序进行了以下配置:Java 如何在customAuthenticationProvider中创建主体对象?,java,authentication,spring-security,Java,Authentication,Spring Security,我有一个web应用程序,我正在使用spring security。我在securityContext.xml中对身份验证提供程序进行了以下配置: <authentication-provider> <password-encoder hash="sha-256" /> <jdbc-user-service data-source-ref="dataSource" users-by-username-query=
<authentication-provider>
<password-encoder hash="sha-256" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="<the query>"
authorities-by-username-query="<the other query>" />
</authentication-provider>
为什么customAuthenticationProvider没有创建主体对象?(我认为这就是问题所在)我如何创建它(主体对象)?试试这个
public class CustomAuthenticationProvider implements AuthenticationProvider {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String name = authentication.getPrincipal();
String password = authentication.getCredentials().toString();
List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
//I check the username-password, and grantedAuths
Authentication auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
return auth;
else //it enters here with an incorrect username-password (the if is in the original code)
{
return null;
}
}
公共类CustomAuthenticationProvider实现AuthenticationProvider{
公共身份验证(身份验证)引发AuthenticationException{
字符串名称=authentication.getPrincipal();
字符串密码=authentication.getCredentials().toString();
List grantedAuths=new ArrayList();
//我检查用户名、密码和授权
Authentication auth=新用户名PasswordAuthenticationToken(名称、密码、授权验证);
返回auth;
else//它在此处输入的用户名密码不正确(if在原始代码中)
{
返回null;
}
}
我已经用相同的结果尝试过了。不过我找到了一个不同的解决方案,我发现主体是创建的,但不是作为用户对象(就像我以前使用的那样),而是作为字符串。我使用了这个字符串并为我工作。
Invalid property 'principal.username' of bean class [org.springframework.security.authentication.UsernamePasswordAuthenticationToken]:
public class CustomAuthenticationProvider implements AuthenticationProvider {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String name = authentication.getPrincipal();
String password = authentication.getCredentials().toString();
List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
//I check the username-password, and grantedAuths
Authentication auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
return auth;
else //it enters here with an incorrect username-password (the if is in the original code)
{
return null;
}
}