注册后的Spring Boot autologin不起作用
我有一个登录和注册页面。我想在注册后实现autologin的功能。我查阅了各种文件,最后得出了这个结论。有人能找出这里出了什么问题吗 网络安全配置注册后的Spring Boot autologin不起作用,spring,spring-boot,spring-security,Spring,Spring Boot,Spring Security,我有一个登录和注册页面。我想在注册后实现autologin的功能。我查阅了各种文件,最后得出了这个结论。有人能找出这里出了什么问题吗 网络安全配置 @Configuration @EnableWebSecurity public class WebSecurity extends WebSecurityConfigurerAdapter { @Bean public AuthenticationManager authenticationManagerBean() throws
@Configuration
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder()
{
return new BCryptPasswordEncoder();
}
@Autowired
public UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/register/**","/css/**","/js/**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/welcome",true)
.permitAll()
.and()
.rememberMe()
.rememberMeParameter("rememberme")
.rememberMeCookieName("myLogin")
.tokenValiditySeconds(360*60*60)
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/login?logout")
.invalidateHttpSession(true)
.clearAuthentication(true)
.deleteCookies("myLogin");
}
}
控制器
@Autowired
protected AuthenticationManager authenticationManager;
@Autowired
UserRepo repo;
@Autowired
BCryptPasswordEncoder bCryptPasswordEncoder;
@RequestMapping("/login")
public String loginpage()
{
return "index";
}
@RequestMapping("/welcome")
public String welcomePage()
{
return "welcome";
}
@RequestMapping(value = "/register", method = RequestMethod.GET)
public String register(Model model)
{
model.addAttribute("user", new User());
return "register";
}
@RequestMapping(value = "/register",method = RequestMethod.POST)
public String registerIt(@Valid @ModelAttribute("user")User user, BindingResult result, Model model, HttpServletRequest request)
{
if(result.hasErrors())
{
return "register";
}
Roles roles1=new Roles();
Roles roles2=new Roles();
roles1.setRoles("ADMIN");
roles2.setRoles("USER");
ArrayList<Roles> roleList=new ArrayList<>();
roleList.add(roles1);
roleList.add(roles2);
user.setRoles(roleList);
user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
repo.save(user);
UsernamePasswordAuthenticationToken token=new UsernamePasswordAuthenticationToken(user.getUsername(),user.getPassword());
request.getSession();
token.setDetails(new WebAuthenticationDetails(request));
Authentication auth=authenticationManager.authenticate(token);
SecurityContextHolder.getContext().setAuthentication(auth);
return "welcome";
}
@Autowired
受保护的AuthenticationManager AuthenticationManager;
@自动连线
用户回购;
@自动连线
BCryptPasswordEncoder BCryptPasswordEncoder;
@请求映射(“/login”)
公共字符串登录页()
{
返回“索引”;
}
@请求映射(“/welcome”)
公共字符串welcomePage()
{
返回“欢迎”;
}
@RequestMapping(value=“/register”,method=RequestMethod.GET)
公共字符串寄存器(模型)
{
model.addAttribute(“user”,new user());
返回“登记簿”;
}
@RequestMapping(value=“/register”,method=RequestMethod.POST)
公共字符串注册表项(@Valid@modeldattribute(“user”)user user,BindingResult,Model Model,HttpServletRequest)
{
if(result.hasErrors())
{
返回“登记簿”;
}
角色角色1=新角色();
角色角色2=新角色();
角色1.设置角色(“管理员”);
角色2.设置角色(“用户”);
ArrayList roleList=新的ArrayList();
添加角色列表(角色1);
添加角色列表(角色2);
user.setRoles(角色列表);
user.setPassword(bCryptPasswordEncoder.encode(user.getPassword());
回购保存(用户);
UsernamePasswordAuthenticationToken=新的UsernamePasswordAuthenticationToken(user.getUsername(),user.getPassword());
request.getSession();
setDetails(新的WebAuthenticationDetails(请求));
Authentication auth=authenticationManager.authenticate(令牌);
SecurityContextHolder.getContext().setAuthentication(auth);
返回“欢迎”;
}
但是,在注册之后,页面会重定向到登录页面本身。我不知道出了什么问题。。。。请帮助…尝试以下方法初始化身份验证: 参考:
org.springframework.security.web.authentication.AuthenticationFilter#successfulAuthentication
SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
org.springframework.security.core.userdetails.UserDetails userDetails =
new YOURUserDetail( PARAMS );
//create instance of your AUTH object
Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, other params )
securityContext.setAuthentication(authentication);
SecurityContextHolder.setContext(securityContext);