对不起提前为我的英语不好..春天开机使用Spring Security和自定义数据库
既然我已经改变了我的数据库配置我没有成功登录我对我的应用程序。 我正在使用Spring安全性。在进行更改之前,所有的工作。
我有两个实体:
- User.java
- UserRole.java
User.java
package betizy.models;
//imports
@Entity
@Table(name = "use_user")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name="USE_ID")
private Long id;
@NotNull
@Column(name = "USE_USERNAME")
private String username;
@NotNull
@Column(name = "USE_PASSWORD")
private String password;
@NotNull
@Column(name = "USE_EMAIL")
private String email;
//getters and setters
}
UserRole.java
package betizy.models;
//imports
@Entity
@Table(name = "usr_user_role")
public class UserRole {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name="USR_ID")
private Long id;
@ManyToOne
@JoinColumn(name = "USR_USE_ID")
private User user;
@NotNull
@Column(name = "USR_ROLE")
private String role;
//getters and setters
}
的login.html
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<title>Spring Security Example </title>
<script src="/webjars/angularjs/1.4.9/angular.js"></script>
<script src="webjars/jquery/2.0.3/jquery.min.js"></script>
<link rel="stylesheet" href="/webjars/bootstrap/3.3.6/css/bootstrap.css">
<script src="/js/index.js"></script>
</head>
<body ng-app="Betizy">
<div header></div>
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You have been logged out.
</div>
<form th:action="@{/login}" method="post">
<div><label> User Name : <input type="text" name="username" required/> </label></div>
<div><label> Password: <input type="password" name="password" required/> </label></div>
<div><input type="submit" value="Sign In"/></div>
</form>
<div>To open a new account click <a href="/register">here</a>. </div>
<div footer></div>
</body>
</html>
SecurityConfig.java
package betizy.security;
//imports
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
//.passwordEncoder(passwordEncoder())
.usersByUsernameQuery(
"select * from use_user where use_user.use_username=?")
.authoritiesByUsernameQuery(
"select * from usr_user_role inner join use_user on use_user.use_id = usr_user_role.usr_use_id where use_user.use_username=?");
}
@Bean
public PasswordEncoder passwordEncoder(){
PasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
//.antMatchers("/hello").access("hasRole('ROLE_ADMIN')")
.antMatchers("/", "/register", "/user/create", "/webjars/**", "/js/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").permitAll()
.usernameParameter("username").passwordParameter("password")
.and()
.logout().permitAll()
.and()
.exceptionHandling().accessDeniedPage("/403")
.and()
.csrf().disable();
}
}
我认为问题是SecurityConfig.java我User
实体字段或我的两个查询的名字,但我有什么想法,我该怎么做才能解决我的问题。
我必须保持我的数据库配置(字段名称)。
预先感谢您的帮助! :)
编辑
有两个改变所有的作品,但它不是良好的数据库。我将发布两个数据库和之差的在SecurityConfig.java
第一基(它是作品)
User table
User Role table
随着SecurityConfig。java的
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery(
"select username,password, enabled from users where username=?")
.authoritiesByUsernameQuery(
"select username, role from user_roles where username=?");
}
其次这是行不通的。我不能发布的链接,但你必须在上面User.java和UserRole.java完美的描述
随着SecurityConfig.java
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery(
"select use_username, use_password, use_email from use_user where use_username=?")
.authoritiesByUsernameQuery(
"select use_username, usr_role from usr_user_role, use_user where use_id = usr_use_id and use_username=?");
}
例如,我的实体字段的名称。我发现这个http://www.raistudies.com/spring-security-tutorial/custom-tables-spring-security/但我使用的是Spring Boot,所以这个文件在哪里? –
你得到的错误是什么?张贴日志。 – Jobin
我没有记录或错误..我不知道为什么。 –