我试图在我的春季启动应用中实现Spring安全性。 但每当我登录时,我都会得到无限的查询并最终导致stackoverflow错误。
Hibernate: select useraccoun0_.id as id1_1_, useraccoun0_.email as email2_1_, useraccoun0_.first_name as first_na3_1_, useraccoun0_.last_name as last_nam4_1_, useraccoun0_.password as password5_1_, useraccoun0_.status as status6_1_ from user_account useraccoun0_ where useraccoun0_.email=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
Hibernate: select roles0_.userid as userid1_1_0_, roles0_.roleid as roleid2_2_0_, role1_.id as id1_0_1_, role1_.name as name2_0_1_ from user_roles roles0_ inner join role role1_ on roles0_.roleid=role1_.id where roles0_.userid=?
Hibernate: select user0_.roleid as roleid2_0_0_, user0_.userid as userid1_2_0_, useraccoun1_.id as id1_1_1_, useraccoun1_.email as email2_1_1_, useraccoun1_.first_name as first_na3_1_1_, useraccoun1_.last_name as last_nam4_1_1_, useraccoun1_.password as password5_1_1_, useraccoun1_.status as status6_1_1_ from user_roles user0_ inner join user_account useraccoun1_ on user0_.userid=useraccoun1_.id where user0_.roleid=?
这是我的用户DTO
@Data
@ToString(exclude = "password")
@Entity
public class UserAccount {
public static final PasswordEncoder PASSWORD_ENCODER = new BCryptPasswordEncoder();
@Id
@GeneratedValue
private long id;
private String email;
private String firstName;
private String lastName;
@JsonIgnore
private String password;
@ManyToMany(fetch = FetchType.EAGER)
@JoinTable(name = "user_roles", joinColumns = @JoinColumn(name = "userID"), inverseJoinColumns = @JoinColumn(name = "roleID"))
private Set<Role> roles = new HashSet<>();
@Enumerated(EnumType.ORDINAL)
private Status status;
public void setPassword(String password) {
this.password = PASSWORD_ENCODER.encode(password);
}
}
这是我的角色DTO
@Data
@Entity
public class Role {
@Id
@GeneratedValue
private int id;
private String name;
@ManyToMany(mappedBy = "roles", fetch = FetchType.EAGER)
private Set<UserAccount> user = new HashSet<>();
}
这是我的 CustomUserDetailsService
@Component
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private UserRepository repository;
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
UserAccount user = repository.findByEmail(email);
Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (Role role : user.getRoles()) {
authorities.add(new SimpleGrantedAuthority(role.getName()));
}
return new User(user.getEmail(), user.getPassword(), authorities);
}
}
这是我的 SecurityConfig
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsServiceImpl userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(UserAccount.PASSWORD_ENCODER);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/built/**", "/css/main.css","/css/vendor/flexboxgrid.css").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.defaultSuccessUrl("/", true)
.permitAll()
.and()
.httpBasic()
.and()
.csrf().disable()
.logout()
.logoutSuccessUrl("/");
}
我真的无法找到我的配置有什么问题。感谢您的帮助。
答案 0 :(得分:0)
您的user_role
表格与user_account
表格不存在关联。 user_account
应与one to many
建立user_role
关系。你得到了无限循环,因为user_role
与user_account
有一个循环关系。
答案 1 :(得分:0)
我弄清楚了什么是错的,并最终让它发挥作用。我将Set
更改为Collection
。这似乎是一个休眠的bug。