我刚刚开始实现SpringSecurity,但是登录后在屏幕上显示错误消息“用户已禁用”
默认情况很好。与/ user或/ admin命中并尝试登录时,显示“ User is disable”
我正在执行以下步骤:
首先创建schema.sql(在资源文件夹下)
CREATE TABLE USERS (
USERNAME VARCHAR(128) PRIMARY KEY,
PASSWORD VARCHAR(128) NOT NULL,
ENABLED CHAR(1) CHECK (ENABLED IN ('Y','N') ) NOT NULL
);
CREATE TABLE AUTHORITIES (
USERNAME VARCHAR(128) NOT NULL,
AUTHORITY VARCHAR(128) NOT NULL
);
ALTER TABLE AUTHORITIES ADD CONSTRAINT AUTHORITIES_UNIQUE UNIQUE (USERNAME, AUTHORITY);
ALTER TABLE AUTHORITIES ADD CONSTRAINT AUTHORITIES_FK1 FOREIGN KEY (USERNAME) REFERENCES USERS (USERNAME);
在资源文件夹下创建“ data.sql”
insert into USERS(USERNAME,PASSWORD,ENABLED) VALUES ('user','pass','Y');
insert into USERS(USERNAME,PASSWORD,ENABLED) VALUES ('admin','pass','Y');
insert into AUTHORITIES (USERNAME,AUTHORITY) values ('user','ROLE_USER');
insert into AUTHORITIES (USERNAME,AUTHORITY) values ('admin','ROLE_ADMIN');
HomeResource.JAVA(这是一个控制器类API)
package com.example.callCenter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class HomeResource{
@GetMapping("/")
public String home(){
return("<h1>Welcome home page..</h1>");
}
@GetMapping("/user")
public String user()
{
return ("<h1>Welcome User page</h1>");
}
@GetMapping("/admin")
public String admin()
{
return("<h1>Welcome Admin page</h1>");
}
}
SecurityConfiguration.java(这将启用Spring Form PAGE)
package com.example.callCenter;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery("select username,password,enabled "
+ "from users "
+ "where username = ?")
.authoritiesByUsernameQuery("select username,AUTHORITY "
+ "from AUTHORITIES "
+ "where username = ?");
// This beloe code is default implementation with MySQL database
// auth.jdbcAuthentication()
// .dataSource(dataSource)
// .withDefaultSchema()
// .withUser(
// User.withUsername("user")
// .password("pass")
// .roles("USER")
// )
// .withUser(
// User.withUsername("admin")
// .password("pass")
// .roles("ADMIN")
// );
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/admin").hasRole("ADMIN")
.antMatchers("/user").hasAnyRole("ADMIN","USER")
.antMatchers("/").permitAll()
.and().formLogin();
}
@Bean
public PasswordEncoder getPasswordEncoder()
{
return NoOpPasswordEncoder.getInstance();
}
}
CallApplication.java
package com.example.callCenter;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class CallApplication {
public static void main(String[] args) {
SpringApplication.run(CallCenterApplication.class, args);
}
}
pom.xml:给出了所有的依赖关系,这不是问题,因为表单正在打开
application.properties:
spring.datasource.url=
spring.datasource.username=
spring.datasource.password=
spring.datasource.driverClassName=
spring.jpa.show_sql=true
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.SQLServer2012Dialect
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.hibernate.ddl-auto=update
spring.jpa.hibernate.dialect=org.hibernate.dialect.SQLServer2012Dialect
spring.jpa.format_sql=true
我添加了几乎所有详细信息,但我这边没有待解决的问题,但是现在我需要一些帮助,为什么它不允许我给用户打电话并允许我登录。
这里的问题是存储在列中的值
ENABLED CHAR(1) CHECK (ENABLED IN ('Y','N') ) NOT NULL
JdbcUserDetailsManager。loadUsersByUsername(String username)具有以下代码逻辑,用于在创建User对象时填充其属性。
String userName = rs.getString(1);
String password = rs.getString(2);
boolean enabled = rs.getBoolean(3);
为了获取enabled
状态,使用ResultSet.getBoolean(),相同的java文档提到以下内容
以Java编程语言中的布尔值检索此ResultSet对象的当前行中指定列的值。
如果指定的列的数据类型为CHAR或VARCHAR,并且包含“ 0”,或者数据类型为BIT,TINYINT,SMALLINT,INTEGER或BIGINT,并且包含0,则返回false值。如果指定的列的数据类型为CHAR或VARCHAR,并且包含“ 1”,或者数据类型为BIT,TINYINT,SMALLINT,INTEGER或BIGINT,并且包含1,则返回true值。
在上面的代码中,启用/禁用的正确值分别为“ 1”和“ 0”。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句