Spring Security+;PostgreSql-由于没有错误消息,如何调试身份验证出现的问题?
我正在关注《Spring in action》一书,并创建了一个小的演示应用程序,以增强我对Spring的了解 当我尝试使用PostgreSQL设置spring安全性并尝试测试经过身份验证的请求时,我总是收到403个禁止的错误,控制台日志中没有错误消息。 我想了解代码有什么问题 我试图为安全性添加调试级别,引入AuthenticationEventListener来监视事件等,但没有一个告诉我身份验证失败的原因 注册控制器工作正常,并使用编码密码将用户详细信息保存到数据库 有关完整的代码,请查看 SecurityConfig.java 用于身份验证检查的TestController 登记管理员 UserRepository.java Users.java 因为我创建了自己的用户表,所以我需要通过这个en实体设置完成身份验证Spring Security+;PostgreSql-由于没有错误消息,如何调试身份验证出现的问题?,postgresql,spring-boot,spring-security,Postgresql,Spring Boot,Spring Security,我正在关注《Spring in action》一书,并创建了一个小的演示应用程序,以增强我对Spring的了解 当我尝试使用PostgreSQL设置spring安全性并尝试测试经过身份验证的请求时,我总是收到403个禁止的错误,控制台日志中没有错误消息。 我想了解代码有什么问题 我试图为安全性添加调试级别,引入AuthenticationEventListener来监视事件等,但没有一个告诉我身份验证失败的原因 注册控制器工作正常,并使用编码密码将用户详细信息保存到数据库 有关完整的代码,请查看
@Configuration
@EnableWebSecurity(debug = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Autowired
private UserRepository userRepository;
//TODO check why it didn't work
@Autowired
@Qualifier("name")
private UserDetailsService userDetailsService;
@Value("${spring.queries.users-query}")
private String usersQuery;
@Value("${spring.queries.roles-query}")
private String rolesQuery;
@Autowired
public BCryptPasswordEncoder passwordEncoder;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors().and().csrf().disable()
.authorizeRequests()
.antMatchers("/test").authenticated()
.antMatchers("/register", "/**").permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.and()
.jdbcAuthentication()
.usersByUsernameQuery(usersQuery)
.authoritiesByUsernameQuery(rolesQuery)
.dataSource(dataSource)
.passwordEncoder(passwordEncoder);
}
}
@RestController
@RequestMapping("test")
public class TestController {
@GetMapping
public String getDocument(){
return "success";
}
}
@RequestMapping("/register")
public class RegistrationController {
@Autowired
private UserRepository userRepository;
@Autowired
private PasswordEncoder passwordEncoder;
@PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.ACCEPTED)
public void send(@RequestBody RegistrationForm registrationForm) {
userRepository.save(registrationForm.toUser(passwordEncoder));
}
}
public interface UserRepository extends CrudRepository<Users, Long> {
Users findByUsername(String username);
}
@Service("name")
public class UserRepositoryUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
Users users= userRepository.findByUsername(userName);
if (users == null)
throw new UsernameNotFoundException("User '" + userName + "' not found");
return users;
}
}
@Entity
@Data
@NoArgsConstructor(access= AccessLevel.PRIVATE, force=true)
@RequiredArgsConstructor
public class Users implements UserDetails {
@Id
@GeneratedValue(strategy= GenerationType.AUTO)
private Long id;
private final String username;
private final String password;
private final boolean enabled;
private final String role;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Arrays.asList(new SimpleGrantedAuthority(this.role));
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return this.enabled;
}
}
spring.queries.users-query=select username, password, enabled from users where username=?
spring.queries.roles-query=select username, role from users where username=?