我正在尝试实现自定义UserDetailsService。 我的问题是,即使loadUserByUsername(String username)方法正在运行(至少从存储库返回正确的用户),登录仍然无法正常工作。
我实现这个的课程是:
public class CustomUserDetailsService implements UserDetailsService{
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
RepositoryMock repo = RepositoryMock.getInstance(); //the instance of repository
model.User user = repo.getUserByUsername(username);
if (user == null){
throw new UsernameNotFoundException("User not found");
}
else{
System.out.println(user); // this prints : user1-Userr-Userr-user@yaho.com
// -ROLE_USER-12345
return user;
}
}
}
这基本上是针对具有给定用户名的用户的我的存储库。我的存储库是:
public class RepositoryMock {
private HashMap<String,User> usersList;
private static RepositoryMock instance = null;
public RepositoryMock(){
this.usersList = new HashMap<String,User>();
// add a provisorial user, for testing
User u1 = new User("user1", "Userr", "Userr", "user2@yahoo.com", Role.ROLE_USER, "12345");
usersList.put("user1", u1);
}
public static RepositoryMock getInstance() {
if (instance == null) {
instance = new RepositoryMock();
}
return instance;
}
public User getUserByUsername(String username) {
if (this.usersList.containsKey(username)) {
return this.usersList.get(username);
}
return null;
}
public HashMap<String,User> getUsersList(){
return usersList;
}
}
最后我实现UserDetails的User类如下:
public class User implements UserDetails{
private String userName;
private String firstName;
private String lastName;
private String email;
private Role role; // Role here is a simple enumeration
private String password;
public User(String userName,String firstName,String lastName,String email,Role role,String password){
this.userName = userName;
this.firstName = firstName;
this.lastName = lastName;
this.email = email;
this.role = role;
this.password = password;
}
private Role getRole() {
return role;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return userName;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
System.out.println("Get Authorities from user");
List<GrantedAuthority> returnList = new ArrayList<GrantedAuthority>();
returnList.add(new SimpleGrantedAuthority(getRole().name()));
return returnList;
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
@Override
public String toString() {
return this.userName + " - " + this.firstName + " - " + this.lastName + " - " +
this.email + " - " + this.role + " - " + this.password;
}
}
至于我的弹簧配置: 我在mvc-dispatcher-servlet.xml中为UserDetailService添加了bean,如下所示:
我的spring-security.xml是这样的:
<!-- Securing application links -->
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/homee*" access="ROLE_USER" />
<form-login login-page="/login" default-target-url="/homee"
authentication-failure-url="/loginfailed" />
<logout logout-success-url="/logout" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="test" password="123456" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
<authentication-provider user-service-ref="customUserDetailsService">
</authentication-provider>
</authentication-manager>
使用spring-xml硬编码用户进行身份验证工作正常:test; 12345但我无法从我的存储库(RepositoryMock)登录用户。 对不起我的长篇文章,任何帮助将不胜感激:)。谢谢!
我怀疑我对用户权限(角色)做错了。
***Later Edit***:
正如用户Aleksandr M指出的那样,当我创建User类时,我的IDE将覆盖 isAccout ...,isCredentials ..返回false并且我没有发现那个。设置返回true解决了我的问题。