以下是配置代码段:
@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Bean
@Override
protected UserDetailsService userDetailsService() {
return super.userDetailsService();
}
@Autowired
private UserDetailsService userDetailsService;
@Bean
AuthenticationProvider authenticationProvider(){
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(userDetailsService);
provider.setPasswordEncoder(new BCryptPasswordEncoder());
return provider;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/register", "/registration")
.permitAll()
.antMatchers("/home")
.hasAuthority("USER")
.antMatchers("/admin")
.hasAuthority("ADMIN")
.anyRequest()
.authenticated()
.and()
.httpBasic();
}
}
下面是另一个名为customuserdetails的相关类:
@Component
public class CustomUserDetails implements UserDetails {
private User user;
public CustomUserDetails(User user) {
super();
this.user = user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Collections.singleton(new SimpleGrantedAuthority("USER"));
//return Collections.emptyList();
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getEmail();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
这是@service:
@Service
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
User user = userRepository.findByEmail(email);
if(user ==null) {
throw new UsernameNotFoundException("User Not Found");
}
return new CustomUserDetails(user);
}
}
网址 /home
必须只有用户可以访问,但当我向它发送get请求时,它是可访问的,不需要任何授权甚至身份验证。我想我忽略了什么,请帮忙。
暂无答案!
目前还没有任何答案,快来回答吧!