zoukankan      html  css  js  c++  java
  • SpringSecurity的自定义用户密码验证

    我的用户密码前台输入后,需要和用户名关联进行加密比较,所以重写了AuthenticationProvider的实现类进行处理;

    @Component
    public class MyAuthenticationProvider implements AuthenticationProvider {
    
        @Autowired
        private ISysUserService iSysUserService;
        @Autowired
        private PasswordEncorder passwordEncorder;
    
        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            String username = authentication.getName();
            String presentedPassword = (String)authentication.getCredentials();
            UserDetails userDeatils = null;
    // 根据用户名获取用户信息 SysUser sysUser
    = this.iSysUserService.getUserByName(username); if (StringUtils.isEmpty(sysUser)) { throw new BadCredentialsException("用户名不存在"); } else { userDeatils = new User(username, sysUser.getPassword(), AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
    // 自定义的加密规则,用户名、输的密码和数据库保存的盐值进行加密 String encodedPassword
    = PasswordUtil.encrypt(username, presentedPassword, sysUser.getSalt()); if (authentication.getCredentials() == null) { throw new BadCredentialsException("登录名或密码错误"); } else if (!this.passwordEncorder.matches(encodedPassword, userDeatils.getPassword())) { throw new BadCredentialsException("登录名或密码错误"); } else { UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(userDeatils, authentication.getCredentials(), userDeatils.getAuthorities()); result.setDetails(authentication.getDetails()); return result; } } } @Override public boolean supports(Class<?> authentication) { return true; } }
    然后在SecurityConfiguration配置中启用
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.authenticationProvider(this.myAuthenticationProvider);
    }
  • 相关阅读:
    activiti5.13 框架 数据库表结构说明
    c3p0详细配置
    linux+nginx+tomcat负载均衡,实现session同步
    Lvs+Keepalived+MySQL Cluster架设高可用负载均衡Mysql集群
    java jstack dump 线程 介绍 解释
    JVM性能调优监控工具jps、jstack、jmap、jhat、jstat、hprof使用详解
    CheckStyle使用手册(一)
    checkstyle使用介绍
    memcache启动多个服务
    temp
  • 原文地址:https://www.cnblogs.com/brucebai/p/12680494.html
Copyright © 2011-2022 走看看