spring security报栈溢出错误,如何解决?(语言-java)
问题遇到的现象和发生背景
使用默认的登陆页面可以进入,但是点击登陆之后报500错误java.lang.StackOverflowError: null
问题相关代码,请勿粘贴截图
package com.mavenbase.minilibspringboot.config;
import com.mavenbase.minilibspringboot.service.UserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/book/*").hasRole("root")
.antMatchers("/book/*").hasRole("user")
.antMatchers("/book/*").hasRole("administrators");
http.formLogin();
/* http.logout().logoutSuccessUrl("/");
// http.csrf().disable();
http.rememberMe().rememberMeParameter("remember");*/
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService()).passwordEncoder(new BCryptPasswordEncoder());
}
}
package com.mavenbase.minilibspringboot.service;
import com.mavenbase.minilibspringboot.dao.AccountMapper;
import com.mavenbase.minilibspringboot.pojo.Account;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
AccountMapper accountMapper;
@Autowired
PasswordEncoder passwordEncoder;
@Override
public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException {
Account account = accountMapper.getAccount(name);
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_" + account.getRole()));
User user = new User(account.getName(), passwordEncoder.encode(account.getPassword()), authorities);
System.out.println(user.getUsername() + passwordEncoder.encode(account.getPassword()) + user.getAuthorities());
return user;
}
}
使用的mybatis数据库,数据库没问题
运行结果及报错内容
底下一直重复
你的问题出现在这一步,这些都是多余的,光该这个的话,把这些删了就行。
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService()).passwordEncoder(new BCryptPasswordEncoder());
}
几个地方写的不太对
1.passEncoder暴露之后,密码校验过程中不需要你自己来做,你只需要存储的时候加密就行,剩下的SpringSecurity都给你做好了
2.userservice设置的地方也不对
推荐你看下这个springsecurity系列的:
https://blog.csdn.net/lookoutthe/category_11588763.html
好的我再参考参考看看,第一次动手亲自写还有挺多地方捋不顺的,提到的问题也已经解决了,但是现在是输入密码怎么都提示不对,我在参考看一下链接中的文章,谢谢您!