在数据库中保存用户:Spring Security 注册
我正在学习 Spring Security。无法保存已注册的用户(如果他确实完成了注册的话——这一点我也不确定)。标签:spring、spring-boot、thymeleaf。Web 安全配置:
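/**
 * URL authorization rules for the question's application.
 *
 * <p>The Java keywords and Spring Security method names below are restored from the
 * machine-translated text on the page. The second path literal is kept exactly as the
 * page prints it; it is presumably the translated registration path (TODO confirm the
 * real value against the controller mapping).
 *
 * <p>Only the two listed paths are public; every other request requires an authenticated
 * session. CSRF protection is not disabled here, so it stays at Spring Security's default
 * (enabled): the registration form's POST must carry the CSRF token and must target one of
 * the permitted paths, otherwise the request is rejected before it reaches the controller.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .antMatchers("/", "/注册").permitAll()
            .anyRequest().authenticated()
        .and()
        .formLogin()
            .loginPage("/login")
            .permitAll()
        .and()
        .logout()
            .permitAll();
}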
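/**
 * Wires the application's user lookup service into authentication.
 *
 * <p>The Java keywords are restored from the machine-translated text on the page; the
 * calls themselves are unchanged.
 */
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    // SECURITY: NoOpPasswordEncoder does no hashing at all. Passwords are compared, and
    // therefore have to be stored, as plaintext, so anyone who can read the user table
    // reads every credential. The class is deprecated in Spring Security for that reason.
    // Use an adaptive hash such as BCryptPasswordEncoder here, and encode the password
    // with the same encoder in the registration code before the user is saved.
    auth.userDetailsService(userService)
        .passwordEncoder(NoOpPasswordEncoder.getInstance());
}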
用户实体:
@实体
@吸气剂
@塞特
@托斯特林
@EqualsAndHashCode(of=“id”)
公共类用户实现UserDetails{
@身份证
@GeneratedValue(策略=GenerationType.AUTO)
私人长id;
私有字符串用户名;
私有字符串密码;
@ElementCollection(targetClass=Role.class,fetch=FetchType.EAGER)
@CollectionTable(name=“user\u role”,joinColumns=@JoinColumn(name=“user\u id”))
@枚举(EnumType.STRING)
设定角色;
…构造器
@凌驾
公共集合//寄存器映射
@RequestMapping(value=“/registerUser”,method=RequestMethod.POST)
公共字符串注册表页(注册注册表,HttpSession会话){
RegisterUser exitingUser=service.findUserByEmail(reg.getEmail());
if(exitingUser==null){
RegisterUser user=newregisteruser();
user.setEmail(reg.getEmail());
user.setPass(reg.getPass());
服务。RegisterNewSerAccount(用户);
}
}
//用户模型
公共类用户扩展基本度{
/** */
私有静态最终长serialVersionUID=1L;
@瓦利德梅尔
@列(name=“EMAIL\u ID”,null=false)
私人字符串电子邮件地址;
@列(name=“PASSWORD”,长度=60,可空=false)
私有字符串密码;
@列(name=“ENABLED”)
启用私有布尔值;
@OneToMany(mappedBy=“user”,cascade={CascadeType.ALL})
私有设置特权;
@短暂的
私有字符串匹配密码;
@ManyToMany(fetch=FetchType.EAGER,cascade={CascadeType.ALL})
@JoinTable(name=“USER\u DETAILS\u ROLE”,joinColumns=@JoinColumn(name=“USER\u ID”,referencedColumnName=“ID”),inverseJoinColumns=@JoinColumn(name=“ROLE\u ID”,referencedColumnName=“ID”))
私人设定角色;
公开注册详情(){
超级();
this.enabled=false;
}
公共字符串getEmail(){
回复邮件;
}
公用电子邮件(字符串电子邮件){
this.email=电子邮件;
}
公共字符串getPass(){
回程通行证;
}
公共无效设置传递(字符串传递){
this.pass=通过;
}
公共布尔值isEnabled(){
返回启用;
}
已启用公共void集(已启用布尔值){
this.enabled=已启用;
}
公共字符串getMatchingPassword(){
返回匹配密码;
}
public void setMatchingPassword(字符串匹配密码){
this.matchingPassword=matchingPassword;
}
@杰索尼奥雷
公共集getRoles(){
返回角色;
}
公共无效集合角色(集合角色){
this.roles=角色;
}
@杰索尼奥雷
公共设置getPermissions(){
返回特权;
}
公共无效设置权限(设置权限){
这个.特权=特权;
}
公共静态长GetSerialVersionId(){
返回serialVersionId;
}
公众收藏非常感谢,我们将努力了解这里发生了什么。
// Register mapping: handles the POST of the registration form at /registerUser.
// NOTE(review): the method declares a String return type but no path returns a value,
// so the snippet is incomplete as shown; the view or redirect to use is not on the page.
// NOTE(review): no @Valid / BindingResult is visible, so the e-mail format and the
// matchingPassword confirmation are not checked in this handler.
@RequestMapping(value = "/registerUser", method = RequestMethod.POST)
public String registerPage(Registration reg,HttpSession session) {
// Only create an account when no user with this e-mail is found.
RegisterUser exitingUser = service.findUserByEmail(reg.getEmail());
if (exitingUser == null) {
RegisterUser user = new RegisterUser ();
user.setEmail(reg.getEmail());
// The password is copied exactly as submitted; nothing in this handler hashes it.
// NOTE(review): confirm that registerNewUserAccount() encodes it with the PasswordEncoder
// bean (BCrypt) before persisting. Otherwise plaintext is stored and the BCrypt comparison
// done by the DaoAuthenticationProvider at login will not match.
user.setPass(reg.getPass());
service.registerNewUserAccount(user);
}
// NOTE(review): when the e-mail is already registered nothing happens here. Whatever
// response is added should be chosen with account enumeration in mind.
}
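// User model
/**
 * JPA entity holding the account's login data, roles and privileges.
 *
 * <p>NOTE(review): the snippet on the page is inconsistent about this type's name (the
 * controller uses {@code RegisterUser}, the constructor was printed as
 * {@code RegistrationDetails}). The constructor is aligned with the declared class name
 * {@code User} here so the class is valid Java; confirm which name the project really uses.
 */
public class User extends BasicEntity {

    private static final long serialVersionUID = 1L;

    @ValidEmail
    @Column(name = "EMAIL_ID", nullable = false)
    private String email_id;

    // Length 60 matches the size of a BCrypt hash, i.e. the output of the
    // BCryptPasswordEncoder bean in the security config. This column is meant to hold
    // the encoded value, never the submitted plaintext.
    @Column(name = "PASSWORD", length = 60, nullable = false)
    private String password;

    @Column(name = "ENABLED")
    private boolean enabled;

    @OneToMany(mappedBy = "user", cascade = { CascadeType.ALL })
    private Set<Privilege> privileges;

    // Not persisted: only carries the "repeat password" form value.
    @Transient
    private String matchingPassword;

    // NOTE(review): CascadeType.ALL on a many-to-many includes REMOVE, so deleting one
    // user can cascade to Role rows that other users still reference. Confirm this is intended.
    @ManyToMany(fetch = FetchType.EAGER, cascade = { CascadeType.ALL })
    @JoinTable(name = "USER_DETAILS_ROLE", joinColumns = @JoinColumn(name = "USER_ID", referencedColumnName = "ID"), inverseJoinColumns = @JoinColumn(name = "ROLE_ID", referencedColumnName = "ID"))
    private Set<Role> roles;

    /** Creates an account that is disabled until something enables it explicitly. */
    public User() {
        super();
        this.enabled = false;
    }

    /** @return the e-mail address stored in the EMAIL_ID column */
    public String getEmail() {
        // The original returned an undeclared identifier; the declared field is email_id.
        return email_id;
    }

    /** @param email the e-mail address to store */
    public void setEmail(String email) {
        this.email_id = email;
    }

    /**
     * @return the stored password value
     *
     * NOTE(review): unlike the role and privilege getters, this getter (and
     * getMatchingPassword) is not excluded from JSON output. If this entity is ever
     * serialized in a response, the stored hash would be included; consider a write-only
     * mapping or a separate DTO.
     */
    public String getPass() {
        // The original returned an undeclared identifier; the declared field is password.
        return password;
    }

    /** @param pass the password value to store; callers are expected to pass the encoded form */
    public void setPass(String pass) {
        this.password = pass;
    }

    public boolean isEnabled() {
        return enabled;
    }

    public void setEnabled(boolean enabled) {
        this.enabled = enabled;
    }

    public String getMatchingPassword() {
        return matchingPassword;
    }

    public void setMatchingPassword(String matchingPassword) {
        this.matchingPassword = matchingPassword;
    }

    @JsonIgnore
    public Set<Role> getRoles() {
        return roles;
    }

    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }

    @JsonIgnore
    public Set<Privilege> getPermissions() {
        return privileges;
    }

    public void setPermissions(Set<Privilege> privileges) {
        this.privileges = privileges;
    }

    public static long getSerialversionuid() {
        return serialVersionUID;
    }

    /**
     * Maps role names to Spring Security authorities.
     *
     * <p>The authorities are built from the {@code roles} argument, not from this entity's
     * own {@code roles} field. Each role name is used verbatim as the authority string, so
     * no {@code ROLE_} prefix is added here.
     *
     * @param roles the roles to convert; {@code null} is treated as no roles
     * @return one authority per role, in iteration order
     */
    public Collection<? extends GrantedAuthority> getAuthorities(Collection<Role> roles) {
        List<String> roleNames = new ArrayList<>();
        if (roles != null) {
            for (Role role : roles) {
                roleNames.add(role.getName());
            }
        }
        return getGrantedAuthorities(roleNames);
    }

    /** Wraps each name in a SimpleGrantedAuthority. */
    private List<GrantedAuthority> getGrantedAuthorities(List<String> privileges) {
        List<GrantedAuthority> authorities = new ArrayList<>();
        for (String privilege : privileges) {
            authorities.add(new SimpleGrantedAuthority(privilege));
        }
        return authorities;
    }
}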
// Security config: web security setup for form login backed by a UserDetailsService.
// prePostEnabled = true switches on @PreAuthorize / @PostAuthorize method-level checks.
// NOTE(review): WebSecurityConfigurerAdapter is deprecated since Spring Security 5.7 and
// removed in 6.0; newer code declares a SecurityFilterChain bean instead.
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// Looks users up for authentication; the implementation is not shown on the page.
@Autowired
private UserDetailsService userDetailsService;
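/**
 * Configures URL authorization, form login, logout, CSRF and frame options.
 *
 * <p>The original matcher list also contained {@code "/**"}, which matches every path.
 * Because rules are evaluated in order, that made the whole application public and left
 * {@code anyRequest().authenticated()} unreachable. The public list is now explicit: the
 * login page, static resources and the registration POST endpoint shown on the page.
 * Any other page that must stay public has to be added to this list.
 *
 * @param http the security builder supplied by Spring
 * @throws Exception if the configuration cannot be applied
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .antMatchers("/", "/resources/**", "/registerUser").permitAll()
            .anyRequest().authenticated()
        .and()
        .formLogin()
            .loginPage("/").permitAll()
            .usernameParameter("username")
            .passwordParameter("password")
            .loginProcessingUrl("/j_spring_security_check")
            .failureUrl("/")
            .successHandler(authenticationSuccessHandler())
        .and()
        .logout()
            .logoutSuccessUrl("/")
            .logoutUrl("/logout")
            .invalidateHttpSession(true)
            .deleteCookies("JSESSIONID")
        .and()
        // NOTE(review): CSRF protection is switched off although the application uses
        // cookie-based sessions and form posts, so state-changing requests (registration,
        // logout, anything behind login) can be triggered cross-site. Left as the author
        // wrote it because re-enabling requires every form to send the token; prefer
        // removing this call once the templates include it.
        .csrf().disable()
        // Allow framing only by pages from the same origin.
        .headers().frameOptions().sameOrigin();
}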
/**
 * Registers the DAO-backed authentication provider with the authentication manager.
 *
 * @param auth the builder supplied by Spring
 * @throws Exception if the provider cannot be registered
 */
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
    final DaoAuthenticationProvider daoProvider = authenticationProvider();
    auth.authenticationProvider(daoProvider);
}
/**
 * Builds the provider that loads users through {@code userDetailsService} and verifies
 * the submitted password with the encoder returned by {@link #passwordEncoder()}.
 * Stored passwords therefore have to be encoded with that same encoder at registration.
 *
 * @return the configured provider
 */
@Bean
public DaoAuthenticationProvider authenticationProvider() {
    final DaoAuthenticationProvider daoProvider = new DaoAuthenticationProvider();
    daoProvider.setUserDetailsService(userDetailsService);
    daoProvider.setPasswordEncoder(passwordEncoder());
    return daoProvider;
}
/**
 * Supplies the handler invoked after a successful form login.
 *
 * <p>NOTE(review): Spring Security's own {@code AuthenticationSuccessHandler} is an
 * interface and cannot be instantiated; presumably this name resolves to a project class
 * of the same name. Confirm against the imports.
 *
 * @return a new handler instance
 */
@Bean
public AuthenticationSuccessHandler authenticationSuccessHandler() {
    final AuthenticationSuccessHandler handler = new AuthenticationSuccessHandler();
    return handler;
}
/**
 * Supplies the BCrypt encoder used to verify passwords at login. Registration code must
 * use the same bean to hash a password before it is persisted.
 *
 * @return a BCrypt encoder with strength 11
 */
@Bean
public PasswordEncoder passwordEncoder() {
    // Strength is the BCrypt log-rounds (cost) parameter; 11 is one step above the default of 10.
    final int strength = 11;
    return new BCryptPasswordEncoder(strength);
}