我有以下问题,我有简单的注册和登录到成功注册后与 Spring 安全网站(用户添加到数据库我添加屏幕下面)
当我想登录时,我只需进入url:
http://localhost:8080/登录?错误
我不知道是什么错用户名和密码是正确的
这是my view login.html
<form method="POST" th:action="@{/login}" id="loginForm">
<div class="form-group">
<label for="username">Nazwa użytkownika: </label>
<input type="text" name="username" id="username" class="form-control">
</div>
<div class="form-group">
<label for="password">Hasło: </label>
<input type="password" name="password" id="password" class="form-control">
</div>
<br>
<div class="form-group">
<input type="submit" value="Zaloguj się" class="btn btn-primary">
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>和securityconfig
package my.taco.web;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Bean
public PasswordEncoder encoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception{
auth
.userDetailsService(userDetailsService)
.passwordEncoder(encoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception{
http
.authorizeRequests()
.antMatchers("/design","/orders").access("hasRole('ROLE_USER')")
.antMatchers("/","/**").access("permitAll")
.and()
.formLogin()
.loginPage("/login")
.usernameParameter("username")
.passwordParameter("password")
.defaultSuccessUrl("/design",true)
.and()
.logout()
.logoutSuccessUrl("/");
}
@Override
public void configure(WebSecurity web){
web
.ignoring()
.antMatchers("/h2/**");
}
}我需要添加一些像日志控制器之类的东西?我是Spring的菜鸟谢谢大家的帮助。
添加了实现userdetailsservice以回复注解
package my.taco.services;
import my.taco.data.UserRepository;
import my.taco.models.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class UserRepositoryUserDetailsService implements UserDetailsService {
private UserRepository userRepo;
@Autowired
public UserRepositoryUserDetailsService(UserRepository userRepo){
this.userRepo=userRepo;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{
User user=userRepo.findByUsername(username);
if(user!=null){
return user;
}
throw new UsernameNotFoundException("Użytkwonik "+username+ " nie został znaleziony");
}
}添加的用户类
package my.taco.models;
import lombok.AccessLevel;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import java.util.Arrays;
import java.util.Collection;
@Entity
@Data
@NoArgsConstructor(access = AccessLevel.PRIVATE,force = true)
@RequiredArgsConstructor
public class User implements UserDetails {
private static final long serialVersionUID=1L;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private long id;
private final String username;
private final String password;
private final String fullname;
private final String street;
private final String city;
private final String state;
private final String zip;
private final String phoneNumber;
@Override
public Collection<? extends GrantedAuthority> getAuthorities(){
return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
}
@Override
public boolean isAccountNonExpired(){
return true;
}
@Override
public boolean isAccountNonLocked(){
return true;
}
@Override
public boolean isCredentialsNonExpired(){
return true;
}
@Override
public boolean isEnabled(){
return true;
}
}
1条答案
按热度按时间bmp9r5qi1#
您好,在这种情况下,我建议您实现userdetailsservice:
您应该在
loadUserByUsername方法,这将使您清楚地了解您的问题:所需的用户名没有出现,数据库中没有用户或其他内容。请记住User从包中删除类org.springframework.security.core.userdetails. 祝您有个美好的一天