您好,初级开发人员,在具有Spring框架+ Hibernate + Spring Security + jsf的项目中,我遇到了一个问题,当将登录用户登录到Spring Security构建器中时,我可以轻松地从.xhtml和检查数据库,但是当我将用户传递给spring安全时,它不会激活。
customUserDetail上将用户转移到SecurityConfig类的部分如下
public org.springframework.security.core.userdetails.UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
// TODO Auto-generated method stub
System.out.println("das"+ usuario_login.getDas());
System.out.println("pass"+ usuario_login.getPassword());
List<GrantedAuthority> authorities = buildUserAuthority(usuario_login.getRoles());
return buildUserForAuthentication(usuario_login, authorities);
//SecurityConfig sec = new SecurityConfig().configureGlobal(auth);
}
private User buildUserForAuthentication ( Usuarios user, List<GrantedAuthority> authorities) {
return new User(user.getDas(),user.getPassword(),true,true,true,true,authorities);
}
private List<GrantedAuthority> buildUserAuthority(Roles roles) {
Set<GrantedAuthority> setAuths = new HashSet<GrantedAuthority>();
setAuths.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
List<GrantedAuthority> Result = new ArrayList<GrantedAuthority>(setAuths);
return Result;
}
此刻,用户的角色已被硬编码为Role_admin。事实是,即使在调试时,使用上述3种方法也可以正常工作,但随后加载SecurityConfig.class的configure (AuthenticationManagerBuilder auth)
方法却无济于事。
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// TODO Auto-generated method stub
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
当我运行该应用程序时,它要做的第一件事是加载SecurityConfig.class及其方法,但是当出现登录视图并且完成了对数据库的所有验证后,就不再使用SecurityConfig中的该生成器。