1、application.yml使用了哪种环境,不同的环境所产生的密码加密方式不一样,SecurityConfig中作了限制,生产环境下加密方式为new StandardPasswordEncoder()
,测试环境下加密方式为return NoOpPasswordEncoder.getInstance();
,而且不同的环境对权限的要求也不一样
2、如果加密方式没有问题,那么SpringUserDetailsService类loadUserByUsername方法下获取到的UserDetails是否存在,有可能是查询该账号时,因为sql条件的限制导致为null。因为使用了spring security框架所以现在也没搞懂为什么要走这个方法
SpringUserDetailsService
package com.jsptpd.gayg.common.config.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
/**
* Created by LOG on 2017/3/7.
* DAOAuthencation里的一个属性需要实现的类
*/
@Service
public class SpringUserDetailsService implements UserDetailsService {
@Autowired
private ISpringSecurityService springSecurityService;
@Override
public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException {
UserDetails user = springSecurityService.getUserById(userId);
if(user!= null) {
return user;
}
throw new UsernameNotFoundException("can't found user");
}
}
网友评论