如何在Spring引导安全配置中添加新注册的用户?
我正在使用基本身份验证执行Spring Boot、Spring Security。我将通过RESTful API调用从我的客户机应用程序发送登录url,该应用程序使用AngularJS编写 一切正常。数据库中的所有用户都在SecurityConfiguration.java中配置,如下所示如何在Spring引导安全配置中添加新注册的用户?,spring,spring-boot,spring-security,spring-security-rest,Spring,Spring Boot,Spring Security,Spring Security Rest,我正在使用基本身份验证执行Spring Boot、Spring Security。我将通过RESTful API调用从我的客户机应用程序发送登录url,该应用程序使用AngularJS编写 一切正常。数据库中的所有用户都在SecurityConfiguration.java中配置,如下所示 @Autowired public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
List<User> users = userService.getUsers();
for (User user : users) {
auth.inMemoryAuthentication().withUser(user.getUserName()).password(user.getPassword())
.roles(user.getRole().getName());
}
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/server/rest/secure/**")
.hasRole("ADMIN").and()
.httpBasic().realmName(REALM).authenticationEntryPoint(getBasicAuthEntryPoint());
}
@Bean
public CustomBasicAuthenticationEntryPoint getBasicAuthEntryPoint() {
return new CustomBasicAuthenticationEntryPoint();
}
因此,如果我注册了一个新用户,它将插入数据库中,但不会添加到上述实现中。因此身份验证失败
如何在我注册新用户时刷新上述实现使用db进行身份验证时,应执行以下操作:
@Service("userDetailsService")
@Transactional
public class MUserDetailService implements UserDetailsService {
@Autowired
AppUserDao appUserDao;
@Override
public UserDetails loadUserByUsername(final String appUserName) throws UsernameNotFoundException {
AppUser appUser = appUserDao.findByName(appUserName);
if (appUser == null) throw new UsernameNotFoundException(appUserName);
else{
return new User(appUser.getUsername(),appUser.getPassword(),appUser.getActive(),true,true,true,getGrantedAuthorities(appUser));
}
}
private List<GrantedAuthority> getGrantedAuthorities(AppUser appUser){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (Authority authority : appUser.getAuthorities()){
authorities.add(new SimpleGrantedAuthority(authority.getAuthorityName()));
}
return authorities;
}
}
使用db进行身份验证时,应执行以下操作:
@Service("userDetailsService")
@Transactional
public class MUserDetailService implements UserDetailsService {
@Autowired
AppUserDao appUserDao;
@Override
public UserDetails loadUserByUsername(final String appUserName) throws UsernameNotFoundException {
AppUser appUser = appUserDao.findByName(appUserName);
if (appUser == null) throw new UsernameNotFoundException(appUserName);
else{
return new User(appUser.getUsername(),appUser.getPassword(),appUser.getActive(),true,true,true,getGrantedAuthorities(appUser));
}
}
private List<GrantedAuthority> getGrantedAuthorities(AppUser appUser){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (Authority authority : appUser.getAuthorities()){
authorities.add(new SimpleGrantedAuthority(authority.getAuthorityName()));
}
return authorities;
}
}
你能给出这个的参考链接吗?你所说的参考链接是什么意思?我指的是这个的任何网站参考。如果需要,它将帮助我更新代码。好的,看看这个。这对我不起作用。在这个例子中,我找不到任何与基本身份验证相关的内容。你能给出这个的参考链接吗?你说的参考链接是什么意思?我指的是这个的任何网站参考。如果需要,它将帮助我更新代码。好的,看看这个。这对我不起作用。在本例中,我找不到任何与基本身份验证相关的内容。
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
@Autowired
@Qualifier("userDetailsService")
UserDetailsService userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
}