我知道有几个问题,但没有一个帮助,一切似乎都对我好...我希望我错了。 我跟着this tutorial用JWT为我的Spring Boot应用程序创建了身份验证,但是我坚持这个警告
o.s.s.c.bcrypt.BCryptPasswordEncoder : Encoded password does not look like BCrypt
这是扩展WebSecurityConfigurerAdapter的类:
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
private UserDetailsService userDetailsService;
private BCryptPasswordEncoder bCryptPasswordEncoder;
public WebSecurity(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
this.userDetailsService = userDetailsService;
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests()
.antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
.addFilter(new JWTAuthorizationFilter(authenticationManager()));
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
}
}
这是实现UserDetailsService的类:
public class UserDetailsServiceImpl implements UserDetailsService {
private ApplicationUserRepository applicationUserRepository;
public UserDetailsServiceImpl(ApplicationUserRepository applicationUserRepository) {
this.applicationUserRepository = applicationUserRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
System.out.println("loadUserByUsername");
ApplicationUser applicationUser = applicationUserRepository.findByUsername(username);
if (applicationUser == null) {
System.out.println("User non trovato");
throw new UsernameNotFoundException(username);
}
System.out.println("Username: " + applicationUser.getUsername());
return new User(applicationUser.getUsername(), applicationUser.getPassword(), emptyList());
}
}
另外,我想知道使用正确的参数传递实例化Web Security类的位置。这是由Spring自动管理的吗?
发现问题,就是我的类UserDetailsServiceImpl没有“@Service”注释。现在它工作正常。