spring 如何在Sping Boot 2.7中使用userDetailsService更新已停用的WebSecurityConfigurerAdapter

piwo6bdm 于 2022-10-30 发布在 Spring

关注(0)|答案(3)|浏览(330)

Spring 2.7中的WebSecurityConfigurerAdapter已过时。我应该如何更新此类：

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final UserRepository userRepository;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(
                email -> {
                    log.debug("Authenticating '{}'", email);
                    Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
                    return new AuthUser(optionalUser.orElseThrow(
                            () -> new UsernameNotFoundException("User '" + email + "' was not found")));
                }
        ).passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()....
    }
}

spring

来源：https://stackoverflow.com/questions/72493425/how-to-update-deprecated-websecurityconfigureradapter-with-userdetailsservice-in

3条答案

按热度按时间

tv6aics11#

根据Spring Security without the WebSecurityConfigurerAdapter，可以更新：

public class SecurityConfiguration {

    private final UserRepository userRepository;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Bean
    public UserDetailsService userDetailsService() {
        return email -> {
            log.debug("Authenticating '{}'", email);
            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
            return new AuthUser(optionalUser.orElseThrow(
                    () -> new UsernameNotFoundException("User '" + email + "' was not found")));
        };
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests()...;
        return http.build();
    }
}

赞(0）回复(0）举报 2022-10-30

hmae6n7t2#

//Spring Boot子2.7.0 +更改与Spring安全

@Configuration
public class SecurityConfiguration {

    @Bean
    UserDetailsService userDetailsService() {

        return new MyUserDetailsService(); // to be created
    }

    @Bean
    BCryptPasswordEncoder passwordEncoder() {

        return new BCryptPasswordEncoder();
    }

    @Bean
    DaoAuthenticationProvider authenticationProvider() {

        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();

        authProvider.setUserDetailsService(userDetailsService());

        authProvider.setPasswordEncoder(passwordEncoder());

        return authProvider;
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

        http.authenticationProvider(authenticationProvider()); 

        http.authorizeRequests()...;

        http.authorizeRequests().and().rememberMe().userDetailsService(userDetailsService()); // important

        http.authorizeRequests()...;

        return http.build();
    }

}

赞(0）回复(0）举报 2022-10-30

rpppsulh3#

https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter

@Configuration
public class SecurityConfiguration {

    @Bean
    public InMemoryUserDetailsManager userDetailsService() {
        UserDetails user = User.withDefaultPasswordEncoder()
            .username("user")
            .password("password")
            .roles("USER")
            .build();
        return new InMemoryUserDetailsManager(user);
    }
}

赞(0）回复(0）举报 2022-10-30

我来回答

spring 如何在Sping Boot 2.7中使用userDetailsService更新已停用的WebSecurityConfigurerAdapter

3条答案

相关问题

热门标签

最新问答