お世話になります。
Spring Boot で 認証機能を実装してみる
上記サイトを参考にし、SpringBoot+SpringSecurityでログイン認証を実装しようと思っています。
ログイン画面でID、PWを入力してログインボタンを押してもTOPページを表示することができません。
試したこと
わざと間違ったIDとPWを入力した場合は、?errorというURLに変わるので、ID、PW間違いは原因でないと思います。
.defaultSuccessUrlでログイン後のurlを指定してみても解決しませんでした。
以下にソースコードを記載致します。
//LoginController.java package com.sample; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; @Controller public class LoginController { public static final String PAGE = "/login"; private static final String HTML = "login"; @RequestMapping(value = LoginController.PAGE) public String top(Model model) { return LoginController.HTML; } }
//TopController.java package com.sample; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller public class TopController { public static final String PAGE = "/"; private static final String HTML = "top"; @RequestMapping(value = TopController.PAGE, method = RequestMethod.GET) public String top(Model model) { return TopController.HTML; } }
//WebSecurityConfig.java package com.sample; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { private UserDetailsService userDetailsService; @Override protected void configure(HttpSecurity httpSecurity) throws Exception { httpSecurity.authorizeRequests().anyRequest().authenticated(); httpSecurity.formLogin().loginPage(LoginController.PAGE).usernameParameter("user") .passwordParameter("pass").permitAll(); } @Override protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { authenticationManagerBuilder.userDetailsService(this.userDetailsService); } @Autowired public void setUserDetailsService(UserDetailsService userDetailsService) { this.userDetailsService = userDetailsService; } }
//MemberEntity.java package com.sample; import java.util.Collection; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @Entity @Table(name = "member") public class MemberEntity implements UserDetails { private static final long serialVersionUID = 1667698003975566301L; @Id @GeneratedValue(strategy = GenerationType.AUTO) private Long id; @Column(nullable = false, unique = true) private String username; @Column(nullable = false) private String password; @Override public Collection<? extends GrantedAuthority> getAuthorities() { return null; } @Override public String getPassword() { return this.password; } @Override public String getUsername() { return this.username; } @Override public boolean isAccountNonExpired() { return true; } @Override public boolean isAccountNonLocked() { return true; } @Override public boolean isCredentialsNonExpired() { return true; } @Override public boolean isEnabled() { return true; } }
//MemberRepository.java package com.sample; import org.springframework.data.jpa.repository.JpaRepository; import com.sample.MemberEntity; public interface MemberRepository extends JpaRepository<MemberEntity, Long> { public MemberEntity findByUsername(String username); }
//MemberServiceImpl.java package com.sample; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; import com.sample.MemberEntity; import com.sample.MemberRepository; @Service public class MemberServiceImpl implements UserDetailsService { private MemberRepository memberRepository; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { if (StringUtils.isEmpty(username)) { throw new UsernameNotFoundException(""); } MemberEntity memberEntity = memberRepository.findByUsername(username); if (memberEntity == null) { throw new UsernameNotFoundException(""); } return memberEntity; } @Autowired public void setMemberRepository(MemberRepository memberRepository) { this.memberRepository = memberRepository; } }
以上となります。
何卒宜しくお願い致します。
?error は認証エラーの証
なんとなくだけどDBにパスワードを平文で登録したら平文用のパスワードエンコーダーを利用しないとログインはできないよ
回答1件
あなたの回答
tips
プレビュー