我正在学习如何配置spring security以保护REST API。我找到了一个教程,随后按照以下方式设置了securityconfig.java。
package com.vaidiksanatansewa.guruji.security;
import javax.sql.DataSource;
import com.vaidiksanatansewa.guruji.service.UserloginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery("select username from users where username=? and status=1 ")
.authoritiesByUsernameQuery("select user_role.role from users inner join user_role on users.role_fid=user_role.id where users.username=? and users.status=1");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers( "/appointment/**").permitAll()
.antMatchers("/user/**").hasRole("USER")
.and()
.formLogin()
.and()
.csrf().disable();
}
}
这还是行不通的。声明
Your login attempt was not successful, try again.
Reason: PreparedStatementCallback; SQL [select username from users where username=? and status=1 ]; Column Index out of range, 2 > 1. ; nested exception is java.sql.SQLException: Column Index out of range, 2 > 1.
我正在使用jdbctemplate进行数据库操作,并使用springboot作为样板,但在任何地方都找不到合适的指南。
您能指导我如何使用Spring Security处理和使用输入的用户名/密码吗?另外这里的数据源是什么?(我是从教程中获得的)。如果代码思想还可以,那么这里有什么问题呢? 我希望解释一下这里的情况。明确解释的参考文献也会这样做。 谢谢。