弹簧安全5.7-如何返回自定义用户尾巴
我已经看到了很多示例,其中一个用户创建自定义userDetailsservice,以覆盖loaduserByUsername方法并返回userDetails 对象。
这是以前使用这样的STH完成的,
@Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
现在对新版本进行了我对如何执行此操作感到困惑的新版本,
我创建了bean,并使用了jdbcuserdetailsmanager,我可以配置我的自定义对用户和当局表的查询
@Bean
public UserDetailsManager userDetailsManager(DataSource dataSource) {
String usersByUsernameQuery = "select username, password, enabled from tbl_users where username = ?";
String authsByUserQuery = "select username, authority from tbl_authorities where username = ?";
JdbcUserDetailsManager userDetailsManager = new JdbcUserDetailsManager(dataSource);
userDetailsManager.setUsersByUsernameQuery(usersByUsernameQuery);
userDetailsManager.setAuthoritiesByUsernameQuery(authsByUserQuery);
return userDetailsManager;
}
,但是如何使用额外字段返回自定义用户访问对象,例如带有新版本的电子邮件?
I've seen a lot of examples where a user creates a custom UserDetailsService in order to override the loadUserByUsername method and return a custom implementation of a UserDetails object.
This was done previously with sth like this
@Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
Now with the new version I'm confused on how to do this
I created a Bean and used the JdbcUserDetailsManager, I can configure my custom queries for users and authorities tables
@Bean
public UserDetailsManager userDetailsManager(DataSource dataSource) {
String usersByUsernameQuery = "select username, password, enabled from tbl_users where username = ?";
String authsByUserQuery = "select username, authority from tbl_authorities where username = ?";
JdbcUserDetailsManager userDetailsManager = new JdbcUserDetailsManager(dataSource);
userDetailsManager.setUsersByUsernameQuery(usersByUsernameQuery);
userDetailsManager.setAuthoritiesByUsernameQuery(authsByUserQuery);
return userDetailsManager;
}
but how to return a custom UserDetails object with an extra field, e.g. an email with the new version?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好的,经过许多尝试,我所做的就是完全删除
jdbcuserdetailsmanager从我的自定义security> securityconfig类中的东西,我创建了一个自定义userdetailsservice和code> USERDETAILS类,它起作用。因此,安全配置类没有有关用户身份验证的代码。
我很困惑,因为我认为我必须以某种方式在配置类中创建一个
@Bean,我自己实现身份验证,并且总的来说,所有这些身份验证代码 在配置类内完成,但它可以使用这种方法。详细信息类
还检查 Spring Security Security Architecture
OK after many tries what I did was to remove completely
JdbcUserDetailsManagerstuff from my customSecurityConfigclass and I created a customUserDetailsServiceand customUserDetailsclass and it worked.So security config class had no code regarding the authentication of the users.
I was very confused because I thought that somehow I had to create a
@Beaninside the config class, implement the authentication myself and in general that all this authentication code had to be done inside the config class, but it worked with this approach.And the details class
Also check Spring Security Architecture