2011-02-11 78 views

我有一个简单的应用程序,可以在其中注册用户并对用户进行身份验证。我已经启用了密码编码(哈希),并且能够成功验证用户。我的应用程序使用 Spring 3、Spring Security 3 和 Hibernate 3。(标题:Spring Security 3:密码加盐问题)

现在我想用用户的 ID 作为盐(salt)来对他们的密码加盐,但我一直无法实现这个功能。有人能帮我实现吗?我已经尝试了很长时间,但始终没有成功。

下面是我用用户 ID 给密码加盐并验证用户的代码。

XYZ-security.xml文件

<!-- Web security rules: /welcome.do requires ROLE_USER, login is form-based at /login.do,
     and logout invalidates the HTTP session. Only /welcome.do is matched by an
     intercept-url in this snippet. -->
<http auto-config="true" use-expressions="true"> 
    <intercept-url pattern="/welcome.do" access="hasRole('ROLE_USER')" /> 
    <form-login login-page="/login.do" authentication-failure-url="/login.do?login_error=1"/>  
    <logout invalidate-session="true" logout-url="/logout" logout-success-url="/"/> 
</http> 

<!-- NOTE(review): this hand-declared provider sets only userDetailsService; it has no
     passwordEncoder or saltSource, unlike the authentication-provider declared inside
     authentication-manager below. Whether this bean and the ProviderManager bean are
     referenced anywhere is not visible in this snippet; confirm, and drop them if unused
     so that only one provider configuration exists. -->
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> 
    <beans:property name="userDetailsService" ref="userDetailsService"/> 
</beans:bean> 

<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager"> 
    <beans:property name="providers"> 
     <beans:list> 
      <beans:ref local="daoAuthenticationProvider" /> 
     </beans:list> 
    </beans:property> 
</beans:bean> 

<!-- Namespace-configured authentication: users come from userDetailsService, submitted
     passwords are encoded with passwordEncoder using the salt supplied by saltSource. -->
<authentication-manager> 
    <authentication-provider user-service-ref="userDetailsService"> 
     <password-encoder ref="passwordEncoder">     
      <salt-source ref="saltSource"/> 
      </password-encoder> 
    </authentication-provider> 
</authentication-manager> 

<!-- For hashing and salting user passwords --> 
<!-- ShaPasswordEncoder computes a single, fast SHA digest (SHA-1 when constructed without a
     strength argument), and the salt configured here is the user's id, which is predictable.
     NOTE(review): for stored passwords prefer an adaptive hash such as BCryptPasswordEncoder
     (org.springframework.security.crypto.bcrypt, Spring Security 3.1+), which generates a
     random salt per password and needs no salt-source. -->
<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> 
<!-- ReflectionSaltSource reads the property named by userPropertyToUse from the UserDetails
     object, so the UserDetails implementation returned by userDetailsService must itself
     expose an "id" property (a getId() accessor). -->
<beans:bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource" 
    p:userPropertyToUse="id"/> 

UserDetailsAdapter.java

/**
 * Converts the application's {@code User} entity into a Spring Security {@code User}.
 *
 * <p>NOTE(review): this class is registered as a Spring bean through {@code @Service} and
 * stores the id of the most recently converted entity in an instance field. The Spring
 * Security {@code User} it returns does not carry that id, so a salt source that reads an
 * {@code id} property from the {@code UserDetails} object will not find it there. The field
 * is also overwritten by every conversion, so it never reliably belongs to one user.
 */
@Service("userDetailsAdapter")
public class UserDetailsAdapter {

    /** Id of the last entity passed to {@link #buildUserFromUserEntity}; replaced on each call. */
    private Long id;

    /**
     * Builds a Spring Security user from the given entity.
     *
     * <p>The account is always reported as non-expired, with non-expired credentials and
     * not locked; only the enabled flag is taken from the entity.
     *
     * @param userEntity the persisted application user
     * @return a Spring Security {@code User} with the entity's name, stored password and authorities
     */
    org.springframework.security.core.userdetails.User buildUserFromUserEntity(User userEntity) {
        final String principalName = userEntity.getUsername();
        final String storedPassword = userEntity.getPassword();
        final boolean active = userEntity.isEnabled();

        // Wrap every authority name of the entity in a GrantedAuthority.
        final Collection<GrantedAuthority> granted = new ArrayList<GrantedAuthority>();
        for (String roleName : userEntity.getAuthorities()) {
            granted.add(new GrantedAuthorityImpl(roleName));
        }

        // Side effect: remember the id on this adapter instance (see class comment).
        this.id = userEntity.getId();

        return new org.springframework.security.core.userdetails.User(
                principalName,
                storedPassword,
                active,
                true, // accountNonExpired
                true, // credentialsNonExpired
                true, // accountNonLocked
                granted);
    }

    /**
     * @return the id stored by the most recent call to {@link #buildUserFromUserEntity},
     *         or {@code null} if it has not been called yet
     */
    public Long getId() {
        return this.id;
    }

}

UserDetailsServiceImpl

/**
 * {@code UserDetailsService} that loads the user entity through {@code UserDao} and hands it
 * to {@code UserDetailsAdapter} for conversion into a Spring Security {@code UserDetails}.
 */
@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private UserDao userDao;

    @Autowired
    private UserDetailsAdapter userDetailsAdapter;

    /**
     * Looks up the user with the given name.
     *
     * @param username the login name to search for
     * @return the user details built by the adapter from the stored entity
     * @throws UsernameNotFoundException if the DAO returns no entity for the name
     * @throws DataAccessException declared for failures of the underlying data access
     */
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
        final User found = userDao.findByUsername(username);
        if (found == null) {
            throw new UsernameNotFoundException("user not found");
        }
        return userDetailsAdapter.buildUserFromUserEntity(found);
    }
}

UserServiceImpl

/**
 * User management service: look-ups by name and e-mail, plus creation and update of users.
 * New users get their password encoded with the injected {@code PasswordEncoder} and the
 * salt returned by the injected {@code SaltSource}.
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserDao userDao;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private SaltSource saltSource;

    /** Returns whatever the DAO finds for the given user name. */
    public User getByUsername(String username) {
        final User match = userDao.findByUsername(username);
        return match;
    }

    /** Returns whatever the DAO finds for the given e-mail address. */
    public User getByEmail(String email) {
        final User match = userDao.findByEmail(email);
        return match;
    }

    /**
     * Persists a new user and then replaces its password with the salted, encoded form.
     *
     * <p>NOTE(review): the entity is written by {@code create} while it still holds the
     * unencoded password, and only the later {@code update} stores the encoded value.
     * Presumably this order exists so that the generated id is available as salt; confirm
     * that both DAO calls run in a single transaction so the unencoded password is never
     * committed.
     *
     * @param user the user to create; its password property is overwritten with the encoded value
     */
    public void createUser(User user) {
        userDao.create(user);

        // The adapter is instantiated directly here rather than obtained from Spring.
        final org.springframework.security.core.userdetails.User details =
                new UserDetailsAdapter().buildUserFromUserEntity(user);

        final String rawPassword = details.getPassword();
        final Object salt = saltSource.getSalt(details);
        final String encoded = passwordEncoder.encodePassword(rawPassword, salt);

        user.setPassword(encoded);
        userDao.update(user);
    }

    /** Writes the given user through the DAO without touching its password. */
    public void updateUser(User user) {
        userDao.update(user);
    }
}

有人能帮我看看我在这里遗漏了什么吗?非常感谢。


能否请您分享您的示例代码?问候,Neha – 2015-12-29 13:34:44

回答


ReflectionSaltSource 从 UserDetails 的实例中提取盐。但是,您使用 org.springframework.security.core.userdetails.User 作为 UserDetails 的实现,而它并没有名为 id 的属性(您把这个属性放在了 UserDetailsAdapter 中,但由于 UserDetailsAdapter 是单例(singleton),这样做没有意义)。

因此,您需要创建一个带有 id 属性的 org.springframework.security.core.userdetails.User 子类,并让 UserDetailsAdapter 返回该子类的实例。


谢谢,可以正常工作了 :) – skip 2011-02-11 18:38:30


@skip:那么,如果你确定这个答案是正确的,或许应该给它点赞(upvote)并接受它。 – Sagar 2011-02-18 15:14:17


下面是修改后可以正常工作的文件:

UserDetailsAdapter.java

/**
 * Spring Security {@code User} extended with the id of the application's user entity, so the
 * id is available as a property of the {@code UserDetails} object itself (for example to a
 * salt source configured to read {@code id}).
 *
 * <p>Each instance belongs to exactly one user; the id is fixed at construction.
 */
public class UserDetailsAdapter extends org.springframework.security.core.userdetails.User {

    /** Id copied from the entity this instance was built from. */
    private final Long id;

    /**
     * Builds the user details from the given entity. The account is always reported as
     * non-expired, with non-expired credentials and not locked.
     *
     * @param userEntity the persisted application user
     */
    public UserDetailsAdapter(User userEntity) {
        super(
                userEntity.getUsername(),
                userEntity.getPassword(),
                userEntity.isEnabled(),
                true, // accountNonExpired
                true, // credentialsNonExpired
                true, // accountNonLocked
                toAuthorities(userEntity.getAuthorities()));
        this.id = userEntity.getId();
    }

    /**
     * Wraps each authority name in a {@code GrantedAuthorityImpl}.
     *
     * @param authorities authority names taken from the entity
     * @return a new collection with one granted authority per name, in iteration order
     */
    private static Collection<GrantedAuthority> toAuthorities(List<String> authorities) {
        final Collection<GrantedAuthority> wrapped = new ArrayList<GrantedAuthority>();
        for (String roleName : authorities) {
            final GrantedAuthority granted = new GrantedAuthorityImpl(roleName);
            wrapped.add(granted);
        }
        return wrapped;
    }

    /** @return the id of the entity this instance was built from */
    public Long getId() {
        return this.id;
    }

}

UserDetailsServiceImpl.java

/**
 * {@code UserDetailsService} that loads the user entity through {@code UserDao} and wraps it
 * in a new {@code UserDetailsAdapter} per lookup.
 */
@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private UserDao userDao;

    /**
     * Looks up the user with the given name.
     *
     * @param username the login name to search for
     * @return a fresh {@code UserDetailsAdapter} built from the stored entity
     * @throws UsernameNotFoundException if the DAO returns no entity for the name
     * @throws DataAccessException declared for failures of the underlying data access
     */
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
        final User found = userDao.findByUsername(username);
        if (found == null) {
            throw new UsernameNotFoundException("user not found");
        }
        return new UserDetailsAdapter(found);
    }
}

UserServiceImpl.java

// Excerpt: only createUser is shown; the "..." lines stand for the parts of the class
// that this listing leaves out.
@Service 
public class UserServiceImpl implements UserService { 
... 
    /**
     * Persists a new user and then replaces its password with the salted, encoded form.
     *
     * NOTE(review): create() writes the entity while it still holds the unencoded
     * password; only the later update() stores the encoded value. Presumably the order
     * exists so the generated id can serve as salt. Confirm that both DAO calls run in
     * one transaction so the unencoded password is never committed.
     */
    public void createUser(User user) { 
     userDao.create(user); 

     // A per-user UserDetailsAdapter is passed to the salt source and encoder below.
     UserDetailsAdapter userDetails = new UserDetailsAdapter(user); 
     String password = userDetails.getPassword(); 
     Object salt = saltSource.getSalt(userDetails); 
     user.setPassword(passwordEncoder.encodePassword(password, salt)); 
     userDao.update(user); 

    } 
... 
} 

谢谢:)