0
我有一个表代理:[ID主键,电子邮件VARCHAR,密码为varchar]Spring security4“访问被拒绝”问题,authoritiesByUsernameQuery不起作用?
和agents_roles表:[agent_role_id主键,电子邮件VARCHAR,AGENT_ID外键]
在我安全控制器我有这样的:
@Configuration
@EnableWebSecurity
public class Security extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
{
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery("select email, password,visibility from agents where email=?")
.authoritiesByUsernameQuery("select email, role from agents_roles where email=?");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().loginPage("/login");
http.authorizeRequests().antMatchers("/admin/**").hasRole("ADMIN");
http.authorizeRequests().antMatchers("/agent/**").hasRole("DEV");
http.exceptionHandling().accessDeniedPage("/403");
}
}
当我试图让主页的获得拒绝访问页面“403.html”!
我想第二个查询“authoritiesByUsernameQuery”不能正常工作,但我不知道为什么?
我试着用users表和users_role的另一个例子,它工作正常,但不同的是用户名是主键!
请帮助,谢谢。