0
我正在通过阅读来学习Spring4。现在,我遇到了一个关于Spring Security的问题。当我请求“/ home”时,我得到登录页面,但是当我填入表单并提交它,我无法进入UserDetailsService,但直接转到控制器,然后返回到登录页面。我调试它,发现spitterUserDetailsService不为空,它是自动装配的。所以我不知道问题出在哪里。这里是我的代码。提前感谢。Spring Security的UserServiceDetails不起作用
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService spitterUserDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception{
http.formLogin().loginPage("/spitter/login").permitAll()
.and().rememberMe()
.and().authorizeRequests().antMatchers("/spitter/home").hasRole("SPITTER")
.anyRequest().permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception{
auth.userDetailsService(spitterUserDetailsService);
}
}
@Service
public class SpitterUserDetailsService implements UserDetailsService {
@Autowired
private SpitterRepository spitterRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
System.err.println("---------- User Details Service start -----------");
Spitter spitter = spitterRepository.findByUsername(username);
if(spitter == null){
throw new UsernameNotFoundException(username + " not found ");
}
List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_SPITTER"));
System.out.println(spitter.getUsername() + " : ROLE_SPITTER");
return new User(spitter.getUsername(), spitter.getPassword(), authorities);
}
}
@Controller
@RequestMapping("/spitter")
public class SpitterController {
@Autowired
private SpitterRepository spitterRepository;
@RequestMapping(value= "/login", method = RequestMethod.GET)
public String login(Model model){
model.addAttribute("spitter", new Spitter());
return "spitter/login";
}
@RequestMapping(value= "/loginForm", method = RequestMethod.POST)
public String login(@ModelAttribute("spitter") Spitter spitter){
System.out.println(spitter.getUsername() + " logined..");
return "redirect:home";
}
@RequestMapping(value = "/register", method = RequestMethod.GET)
public String showRegistrationForm(Model model){
model.addAttribute("spitter", new Spitter());
return "spitter/registerForm";
}
@RequestMapping(value="/register", method = RequestMethod.POST)
public String register(@ModelAttribute("spitter") Spitter spitter){
spitterRepository.addSpitter(spitter);
return "spitter/registerSuccessfully";
}
@RequestMapping("/home")
public String hello(){
return "spitter/helloWorld";
}
}
这是我的github网址:https://github.com/CherryYu/SpringHibernate.git –
这是你告诉春天做的。您的表单直接发布到控制器并绕过Spring Security ... –
我重写了WebSecurityConfigurerAdapter中的配置,并定义了一些规则。我不知道为什么我的表单直接发布到控制器上...我只是想要当我请求“/ home”时,我可以通过UserDetailsService验证用户的角色。 –