diff --git a/awardBE/src/main/java/edu/ncst/award/config/SecurityConfig.java b/awardBE/src/main/java/edu/ncst/award/config/SecurityConfig.java index 0a24628..0168a3f 100644 --- a/awardBE/src/main/java/edu/ncst/award/config/SecurityConfig.java +++ b/awardBE/src/main/java/edu/ncst/award/config/SecurityConfig.java @@ -1,6 +1,5 @@ package edu.ncst.award.config; -import org.springframework.security.web.access.ExceptionTranslationFilter; import com.fasterxml.jackson.databind.ObjectMapper; import edu.ncst.award.config.security.DataBaseUrlVoter; import edu.ncst.award.config.security.filter.AuthCheckFilter; @@ -13,13 +12,13 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.core.RedisTemplate; -import org.springframework.http.HttpMethod; import org.springframework.security.access.AccessDecisionManager; import org.springframework.security.access.AccessDecisionVoter; import org.springframework.security.access.vote.AuthenticatedVoter; import org.springframework.security.access.vote.RoleVoter; import org.springframework.security.access.vote.UnanimousBased; import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -95,13 +94,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { "/error*" }; - /** - * 密码加密器 - */ - @Bean - public PasswordEncoder passwordEncoderBean() { - return new BCryptPasswordEncoder(); - } + + /** * 权限投票访问决策管理器 @@ -119,7 +113,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userService); + DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); + daoAuthenticationProvider.setHideUserNotFoundExceptions(false); + daoAuthenticationProvider.setUserDetailsService(userService); + daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder()); + auth.authenticationProvider(daoAuthenticationProvider); } /**