用户帐户在登录时被锁定
ann*_*erg 0 java spring spring-mvc spring-security spring-boot
我现在开始学习Spring Security,但遇到了麻烦。我编写了配置类,从数据库获取数据等,但在我的网页中,我在登录后看到消息“用户帐户已锁定”和 url 中的错误参数。
MessengerApplication.java
@SpringBootApplication
public class MessengerApplication {
public static void main(String[] args) {
SpringApplication.run(MessengerApplication.class, args);
}
}
MainPageController.java
@RestController
public class MainPageController {
@RequestMapping("/")
public ModelAndView greeting() {
Map<String, Object> model = new HashMap<>();
model.put("data", "world");
return new ModelAndView("main_page", model);
}
}
安全配置.java
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserServiceImpl userService;
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider
= new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
}
UserServiceImpl.java
@Service
public class UserServiceImpl implements UserDetailsService {
@Autowired
UserRepository userRepository;
@Override
public MyUserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
User user = userRepository.findUserByName(s);
if (user == null)
throw new UsernameNotFoundException(s);
return new MyUserDetails(user);
}
}
UserRepositoryImpl.java
@Repository
public class UserRepositoryImpl implements UserRepository {
@Autowired
JdbcTemplate template;
@Override
public User findUserByName(String name) {
return template.queryForObject("select * from users where name = ?", rowMapper, name);
}
private RowMapper<User> rowMapper = new RowMapper<User>() {
@Override
public User mapRow(ResultSet resultSet, int i) throws SQLException {
User user = new User();
user.setPassword(resultSet.getString("password"));
user.setName(resultSet.getString("name"));
user.setId(resultSet.getLong("id"));
return user;
}
};
}
用户存储库.java
public interface UserRepository {
User findUserByName(String name);
}
用户.java
@Entity
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false, unique = true)
private String name;
private String password;
// get(), set()
}
我的用户详细信息.java
public class MyUserDetails implements UserDetails {
private User user;
public MyUserDetails(User user) {
this.user = user;
}
// ...
}
其方法是isAccountNonLocked,偏重非。您需要true从此方法返回才能获得“解锁”帐户。与“过期”等相关的方法也是如此。在这种情况下true意味着允许它,false意味着拒绝它。
| 归档时间: |
|
| 查看次数: |
4367 次 |
| 最近记录: |