我正在尝试缓存UserDetails loadUserByUsername(String username) 问题是在缓存之后,结果来自正确的用户但是 密码始终设置为null,但在缓存时不是null
@Service
public class MyUserDetailsService实现UserDetailsService {
@Autowired
UserRepository userRepository;
@Cacheable(value="usersLogged" ,key="#username" ,unless="#result.password==null")
@Override
public org.springframework.security.core.userdetails.User loadUserByUsername(
String username) throws UsernameNotFoundException {
try {
// User user = userRepository.getUserByEmail(username); Switch to id
// token base
User user = userRepository.findOne(username);
if (user == null) {
throw new UsernameNotFoundException(
"Invalid username/password.");
}
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = user.isActive();
String userN = user.getId(); // the suer is in the system
String pass = user.getPassword();
Collection<? extends GrantedAuthority> authorities = AuthorityUtils
.createAuthorityList(user.getRole().toString());
org.springframework.security.core.userdetails.User userBuild = new org.springframework.security.core.userdetails.User(
userN, pass, user.isEnabled(), accountNonExpired,
credentialsNonExpired, accountNonLocked, authorities);
return userBuild;
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
return null;
// throw new
// UsernameNotFoundException("Invalid username/password.");
}
}
}
答案 0 :(得分:-1)
看起来像spring cache在公共可见性时有缓存问题 密码受到保护 在手册中 使用代理时,应仅将缓存注释应用于具有公共可见性的方法。如果使用这些注释对带保护的,私有的或包可见的方法进行注释,则不会引发错误,但带注释的方法不会显示已配置的高速缓存设置。如果您需要注释非公共方法,因为它会更改字节码本身,请考虑使用AspectJ(见下文)