spring 如何在Sping Boot 2.7中使用userDetailsService更新已停用的WebSecurityConfigurerAdapter

piwo6bdm  于 2022-10-30  发布在  Spring
关注(0)|答案(3)|浏览(360)

Spring 2.7中的WebSecurityConfigurerAdapter已过时。我应该如何更新此类:

  1. public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  2. private final UserRepository userRepository;
  3. @Autowired
  4. public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
  5. auth.userDetailsService(
  6. email -> {
  7. log.debug("Authenticating '{}'", email);
  8. Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
  9. return new AuthUser(optionalUser.orElseThrow(
  10. () -> new UsernameNotFoundException("User '" + email + "' was not found")));
  11. }
  12. ).passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
  13. }
  14. @Override
  15. protected void configure(HttpSecurity http) throws Exception {
  16. http.authorizeRequests()....
  17. }
  18. }
tv6aics1

tv6aics11#

根据Spring Security without the WebSecurityConfigurerAdapter,可以更新:

  1. public class SecurityConfiguration {
  2. private final UserRepository userRepository;
  3. @Bean
  4. public PasswordEncoder passwordEncoder() {
  5. return PasswordEncoderFactories.createDelegatingPasswordEncoder();
  6. }
  7. @Bean
  8. public UserDetailsService userDetailsService() {
  9. return email -> {
  10. log.debug("Authenticating '{}'", email);
  11. Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
  12. return new AuthUser(optionalUser.orElseThrow(
  13. () -> new UsernameNotFoundException("User '" + email + "' was not found")));
  14. };
  15. }
  16. @Bean
  17. public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
  18. http.authorizeRequests()...;
  19. return http.build();
  20. }
  21. }
展开查看全部
hmae6n7t

hmae6n7t2#

//Spring Boot子2.7.0 +更改与Spring安全

  1. @Configuration
  2. public class SecurityConfiguration {
  3. @Bean
  4. UserDetailsService userDetailsService() {
  5. return new MyUserDetailsService(); // to be created
  6. }
  7. @Bean
  8. BCryptPasswordEncoder passwordEncoder() {
  9. return new BCryptPasswordEncoder();
  10. }
  11. @Bean
  12. DaoAuthenticationProvider authenticationProvider() {
  13. DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
  14. authProvider.setUserDetailsService(userDetailsService());
  15. authProvider.setPasswordEncoder(passwordEncoder());
  16. return authProvider;
  17. }
  18. @Bean
  19. SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
  20. http.authenticationProvider(authenticationProvider());
  21. http.authorizeRequests()...;
  22. http.authorizeRequests().and().rememberMe().userDetailsService(userDetailsService()); // important
  23. http.authorizeRequests()...;
  24. return http.build();
  25. }
  26. }
展开查看全部
rpppsulh

rpppsulh3#

https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter

  1. @Configuration
  2. public class SecurityConfiguration {
  3. @Bean
  4. public InMemoryUserDetailsManager userDetailsService() {
  5. UserDetails user = User.withDefaultPasswordEncoder()
  6. .username("user")
  7. .password("password")
  8. .roles("USER")
  9. .build();
  10. return new InMemoryUserDetailsManager(user);
  11. }
  12. }

相关问题