2022/3/21 注入一个DaoAuthenticationProvider打开HideUserNameNotFoundExceptions

master
GPU is all you need 4 years ago
parent d329a49c16
commit 7fafff0d2f
  1. 18
      awardBE/src/main/java/edu/ncst/award/config/SecurityConfig.java

@ -1,6 +1,5 @@
package edu.ncst.award.config;
import org.springframework.security.web.access.ExceptionTranslationFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import edu.ncst.award.config.security.DataBaseUrlVoter;
import edu.ncst.award.config.security.filter.AuthCheckFilter;
@ -13,13 +12,13 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.vote.AuthenticatedVoter;
import org.springframework.security.access.vote.RoleVoter;
import org.springframework.security.access.vote.UnanimousBased;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -95,13 +94,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
"/error*"
};
/**
* 密码加密器
*/
@Bean
public PasswordEncoder passwordEncoderBean() {
return new BCryptPasswordEncoder();
}
/**
* 权限投票访问决策管理器
@ -119,7 +113,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService);
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setHideUserNotFoundExceptions(false);
daoAuthenticationProvider.setUserDetailsService(userService);
daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder());
auth.authenticationProvider(daoAuthenticationProvider);
}
/**

Loading…
Cancel
Save