这是我的登录表单
<form class="login-form" action="j_spring_security_check" method="post" >
<fieldset>
<legend>Login Here</legend>
<div class="form-group required">
<label id="inputEmail" class="control-label col-md-4">Email</label>
<div class="col-md-8">
<input type="email" class="form-control" id="username" name="username" placeholder="Enter email" >
</div>
</div>
<div class="form-group">
<label id="inputpwd" class="control-label col-md-4">Password</label>
<div class="col-md-8">
<input type="password" class="form-control" id="pwd" name="password" placeholder="Enter password" >
</div>
</div>
<p><input type="submit" value="Login"/></p>
</fieldset>
</form>
如何在实现UserDetailsService
的类中检索我们为密码提供的输入public class LoginUserDetails implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException {
final User user = DataLayer.queryToGetUserDetails(username);
返回新的UserDetails(){
private static final long serialVersionUID = 2059202961588104658L;
@Override
public boolean isEnabled() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public String getPassword() {
return user.getPassword();
}
//To DO for authentication.
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<SimpleGrantedAuthority> auths = new java.util.ArrayList<SimpleGrantedAuthority>();
auths.add(new SimpleGrantedAuthority("patient"));
return auths;
}
};
}
}
我正在返回上面的值。因此,为了进行自定义身份验证,我需要在该类中获取密码字段 提前致谢
答案 0 :(得分:0)
loadUserByUsername返回的UserDetails将用于匹配您使用在SecurityConfiguration中设置的passwordEncoder传入的密码
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
}
PasswordEncoder接口
public interface PasswordEncoder {
String encode(CharSequence rawPassword);
boolean matches(CharSequence rawPassword, String encodedPassword);
rawPassword参数是您在
中传递的密码编辑:
你需要有一个SecurityConfiguration类,如下所示:
@Configuration
@EnableWebSecurity
@ComponentScan
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Inject
private LoginUserDetails loginUserDetails;
@Bean
public BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login").permitAll()
.and()
.authorizeRequests()
.anyRequest().hasRole("ROLE_USER")
.and()
.formLogin()
.usernameParameter("j_username") //user name form name
.passwordParameter("j_password") //password form name
.loginProcessingUrl("/j_spring_security_check") //form submit url
.loginPage("/login")
.failureUrl("/")
.defaultSuccessUrl("")
.and()
.logout()
.logoutSuccessUrl("/");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(loginUserDetails).passwordEncoder(passwordEncoder);
}
答案 1 :(得分:0)
@Controller
公共类LoginUserDetails实现UserDetailsService {
@RequestMapping("/j_spring_security_check")
public UserDetails loadUserByUsername(final String username,String password) throws UsernameNotFoundException {
final User user = DataLayer.queryToGetUserDetails(username,password);
} }