Spring 春安记我不';行不通
我正在尝试使用自定义用户详细信息服务和自定义身份验证提供程序应用spring安全性。 此外,我正在尝试应用“记住我”功能 然而,不知何故,在我配置了自定义用户详细信息服务和自定义身份验证提供程序之后,“记住我”停止工作 当我从客户端浏览器检查cookie时,它具有“记住我”cookie。 但是,如果我重新部署(重新启动)服务器或重新启动客户端浏览器,它将重定向到登录页面 这里我附加了我的配置和自定义文件Spring 春安记我不';行不通,spring,remember-me,Spring,Remember Me,我正在尝试使用自定义用户详细信息服务和自定义身份验证提供程序应用spring安全性。 此外,我正在尝试应用“记住我”功能 然而,不知何故,在我配置了自定义用户详细信息服务和自定义身份验证提供程序之后,“记住我”停止工作 当我从客户端浏览器检查cookie时,它具有“记住我”cookie。 但是,如果我重新部署(重新启动)服务器或重新启动客户端浏览器,它将重定向到登录页面 这里我附加了我的配置和自定义文件 <?xml version="1.0" encoding="UTF-8"?> &
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- enable use-expressions -->
<security:annotation-config/>
<http auto-config="false" use-expressions="true">
<headers>
<cache-control />
</headers>
<intercept-url pattern="/resources/**" access="permitAll()"/>
<intercept-url pattern="/signin" access="permitAll()" />
<intercept-url pattern="/403" access="permitAll()" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<!-- redirect to 403 access denied <intercept-url pattern="/update**" access="hasRole('ROLE_ADMIN')
and isFullyAuthenticated()" /> -->
<form-login login-page="/signin"
default-target-url="/"
authentication-failure-url="/signin?error"
username-parameter="username"
password-parameter="password"
login-processing-url="/auth/login_check"
authentication-success-handler-ref="loginSuccessHandler" />
<logout logout-url="/logout" logout-success-url="/signin?logout" delete-cookies="JSESSIONID" />
<!-- enable csrf protection -->
<!--<csrf disabled="true"/>-->
<!--<remember-me-->
<!--token-validity-seconds="1209600"-->
<!--remember-me-parameter="remember-me"-->
<!--data-source-ref="dataSource" user-service-ref="customUserDetailService"/>-->
<remember-me services-ref="rememberMeServices" />
<csrf disabled="true"/>
<!--<custom-filter ref="statelessCSRFFilter" before="CSRF_FILTER"/>-->
</http>
<!-- Select users and user_roles from database -->
<!--<authentication-manager>-->
<!--<authentication-provider>-->
<!--<jdbc-user-service data-source-ref="dataSource"-->
<!--users-by-username-query="select username,password, enabled from users where username=?"-->
<!--authorities-by-username-query="select username, role from user_roles where username =? "-->
<!--group-authorities-by-username-query="select g.id, g.group_name, ga.authority from groups g, group_members gm, group_authorities ga where gm.username = ? and g.id = ga.group_id and g.id = gm.group_id"/>-->
<!--</authentication-provider>-->
<!--</authentication-manager>-->
<beans:bean id="customUserDetailService" class="com.euroscope.app.service.security.CustomUserService"></beans:bean>
<beans:bean id="customAuthenticationProvider" class="com.euroscope.app.handler.CustomAuthenticationProvider"></beans:bean>
<beans:bean id="loginSuccessHandler" class="com.euroscope.app.handler.LoginSuccessHandler"></beans:bean>
<!--<beans:bean id="statelessCSRFFilter" class="com.euroscope.app.filter.StatelessCSRFFilter" />-->
<beans:bean id="rememberMeFilter" class= "org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
<beans:constructor-arg ref="authenticationManager"/>
<beans:constructor-arg ref="rememberMeServices"/>
</beans:bean>
<beans:bean id="rememberMeServices" class= "org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
<beans:constructor-arg value="euroscope"/>
<beans:constructor-arg ref="customUserDetailService"/>
<beans:constructor-arg ref="tokenRepository" />
<beans:property name="alwaysRemember" value="true" />
</beans:bean>
<beans:bean id="rememberMeAuthenticationProvider" class= "org.springframework.security.authentication.RememberMeAuthenticationProvider">
<beans:constructor-arg value="euroscope"/>
</beans:bean>
<beans:bean id="tokenRepository" class="org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl">
<beans:property name="dataSource" ref="dataSource"/>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="rememberMeAuthenticationProvider" />
<authentication-provider ref="customAuthenticationProvider" />
<authentication-provider user-service-ref="customUserDetailService" />
</authentication-manager>
</beans:beans>
package com.euroscope.app.handler;
导入com.euroscope.app.domain.security.Employee;
导入com.euroscope.app.service.security.CustomUserService;
导入org.slf4j.Logger;
导入org.slf4j.LoggerFactory;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.security.authentication.AuthenticationProvider;
导入org.springframework.security.authentication.BadCredentialsException;
导入org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
导入org.springframework.security.core.Authentication;
导入org.springframework.security.core.AuthenticationException;
导入org.springframework.security.core.GrantedAuthority;
导入org.springframework.security.core.userdetails.UsernameNotFoundException;
导入org.springframework.stereotype.Component;
导入java.util.Collection;
/**
*2015年7月9日由杨克强创建。
*/
@组成部分
公共类CustomAuthenticationProvider实现AuthenticationProvider{
私有静态最终记录器Logger=LoggerFactory.getLogger(CustomAuthenticationProvider.class);
@自动连线
CustomUserService CustomUserService;
@凌驾
公共身份验证(身份验证)引发AuthenticationException{
字符串username=authentication.getName();
字符串密码=(字符串)身份验证。getCredentials();
员工;
集合您正在使用的任何身份验证筛选器(即AbstractAuthenticationProcessingFilter的子类)都需要了解RememberServices
,例如:
<beans:bean .. class="x.x..YourCustomAuthenticationFilter">
<beans:property name="rememberMeServices" ref="rememberMeServices"/>
<beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>
和rememberAuthenticationFilter
应在YourCustomAuthenticationFilter
package com.euroscope.app.handler;
import com.euroscope.app.domain.security.Employee;
import com.euroscope.app.service.security.CustomUserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import java.util.Collection;
/**
* Created by ksyeng on 7/9/15.
*/
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationProvider.class);
@Autowired
CustomUserService customUserService;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = authentication.getName();
String password = (String) authentication.getCredentials();
Employee employee;
Collection<? extends GrantedAuthority> authorities;
try {
logger.debug("Custom Authentication : "+authentication);
employee = (Employee)customUserService.loadUserByUsername(username);
// employee = customUserService.loadUserByUsername(username);
// String hashedPassword = passwordEncoder.encodePassword(password, saltSource.getSalt(user));
// log.info("username : " + username + " / password : " + password + " / hash password : " + hashedPassword);
logger.debug("Username : " + employee.getUsername() + " / Password : " + employee.getPassword());
// if (!hashedPassword.equals(user.getPassword())) throw new BadCredentialsException("비밀번호가 일치하지 않습니다.");
authorities = employee.getAuthorities();
return new UsernamePasswordAuthenticationToken(employee, password, authorities);
} catch(UsernameNotFoundException e) {
e.printStackTrace();
logger.debug(e.toString());
throw new UsernameNotFoundException(e.getMessage());
} catch(BadCredentialsException e) {
e.printStackTrace();
logger.debug(e.toString());
throw new BadCredentialsException(e.getMessage());
} catch(Exception e) {
e.printStackTrace();
logger.debug(e.toString());
throw new RuntimeException(e.getMessage());
}
}
@Override
public boolean supports(Class<?> aClass) {
return true;
}
}
package com.euroscope.app.service.security;
import com.euroscope.app.domain.security.Employee;
import com.euroscope.app.domain.security.Role;
import com.euroscope.app.mapper.security.UserMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.ArrayList;
/**
* Created by ksyeng on 7/9/15.
*/
@Slf4j
@Service
public class CustomUserService implements UserDetailsService {
@Resource
private UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Employee employee = userMapper.getUser(username);
ArrayList<Role> authList = userMapper.getRoles(username);
log.debug("Auth Roles : "+authList.toString());
employee.setAuthorities(authList);
if(employee == null){
throw new UsernameNotFoundException("Can't Find Any Matching User");
}
log.debug(employee.toString());
return employee;
}
}
<beans:bean .. class="x.x..YourCustomAuthenticationFilter">
<beans:property name="rememberMeServices" ref="rememberMeServices"/>
<beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>