我是Spring Security的新手,并且使用Springboot,Mysql使用jwt创建具有身份验证的示例应用程序。但是,我注意到在登录请求时,当进行身份验证时,Spring安全性正在检索所有延迟加载的属性(在我的情况下为Roles,Personal Details)。有什么方法可以让Spring安全人员忽略进行额外的调用来获取PersonalDetails。
应用属性
logging.level.org.hibernate.SQL=DEBUG
logging.level.org.hibernate.type=TRACE
用户模型
public class User {
private Long id;
private String username;
private String password;
@OneToOne(fetch=FetchType.LAZY, mappedBy="user")
private PersonalDetails personalDetails;
@ManyToMany(fetch = FetchType.LAZY)
private Set<Role> roles = new HashSet<>();
// getters and setters
}
AuthController
@PostMapping("/signin")
public ResponseEntity<?> signin(@Valid @RequestBody LoginRequest loginRequest) {
Authentication authentication =
authenticationManager
.authenticate(
new UsernamePasswordAuthenticationToken(
loginRequest.getUsernameOrEmail(),
loginRequest.getPassword()
)
);
SecurityContextHolder.getContext().setAuthentication(authentication);
String jwtToken = tokenProvider.generateToken(authentication);
return ResponseEntity.ok(new JwtResponse(jwtToken));
}