Spring Boot和JWT编码密码看起来不像BCrypt

时间:2019-03-15 14:12:33

标签: spring-boot jwt

我知道对此有几个问题,但没有一个得到帮助,一切对我来说似乎还可以...我希望我对此有误。
我已经遵循this tutorial为我的Spring Boot应用程序使用JWT创建身份验证,但是我一直被这个警告所困扰

 o.s.s.c.bcrypt.BCryptPasswordEncoder     : Encoded password does not look like BCrypt

这是扩展WebSecurityConfigurerAdapter的类:

@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {



    private UserDetailsService userDetailsService;



    private BCryptPasswordEncoder bCryptPasswordEncoder;



    public WebSecurity(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.userDetailsService = userDetailsService;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable().authorizeRequests()       
                .antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
                .anyRequest().authenticated()
                .and()
                .addFilter(new JWTAuthenticationFilter(authenticationManager()))
                .addFilter(new JWTAuthorizationFilter(authenticationManager()));
    }



    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
    }
}

这是实现UserDetailsS​​ervice的类:

public class UserDetailsServiceImpl implements UserDetailsService {



    private ApplicationUserRepository applicationUserRepository;



    public UserDetailsServiceImpl(ApplicationUserRepository applicationUserRepository) {
        this.applicationUserRepository = applicationUserRepository;
    }



    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        System.out.println("loadUserByUsername");
        ApplicationUser applicationUser = applicationUserRepository.findByUsername(username);

        if (applicationUser == null) {
            System.out.println("User non trovato");
            throw new UsernameNotFoundException(username);
        }
        System.out.println("Username: " + applicationUser.getUsername());
        return new User(applicationUser.getUsername(), applicationUser.getPassword(), emptyList());
    }

}

此外,我想知道WebSecurity类在哪里传递了正确的参数。这是由Spring自动管理的吗?

1 个答案:

答案 0 :(得分:0)

发现了问题,这是我的类UserDetailsS​​erviceImpl没有“ @Service”注释。现在一切正常。

相关问题
最新问题