Customize user information
Spring Security's user information is implemented through the User Details Service interface, and only one of them needs to be implemented.
loadUserByUsername(String username)
Method, user information can be customized
Implementation steps
1. Copy the source code of the previous example
Rename package name case 1 to case 2
Rename Case1Application.java to Case2Application.java
2. Custom Security Configuration
Create a new config package and create a new WebSecurity Config. Java class.
The complete code is as follows:
package net.txt100.learn.springsecurity.base.case2.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; /** * Title: WebSecurityConfig * Package: net.txt100.learn.springsecurity.base.case2.config * Creation date: 2019-08-11 * Description: * * @author <a href="zgjt_tongl@thunis.com">Tonglei</a> * @since 1.0 */ @Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean public PasswordEncoder passwordEncoder() { // Configure password protection policy, spring security defaults to bcrypt encryption algorithm. // Just declare BCryptPasswordEncoder Bean explicitly here. return new BCryptPasswordEncoder(); } }
3. Implementing User Details Service
Create the service package, create the SimpleUserDetailsService class, and implement the UserDetailsService interface.
The complete code is as follows:
package net.txt100.learn.springsecurity.base.case2.service; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import java.util.Collections; /** * Title: SimpleUserDetailsService * Package: net.txt100.learn.springsecurity.base.case2.service * Creation date: 2019-08-11 * Description: Use predefined user information * * @author <a href="zgjt_tongl@thunis.com">Tonglei</a> * @since 1.0 */ @Service public class SimpleUserDetailsService implements UserDetailsService { @Autowired private PasswordEncoder passwordEncoder; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { // Return user's username, password and privilege information according to user name // In this case, any user name + password 123456 can be logged in successfully. // ROLE_* is a spring security style role definition where * can be replaced arbitrarily User user = new User( username, passwordEncoder.encode("123456"), Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")) ); return user; } }
4. Compilation and execution
Open the command line, enter the project root directory, and execute the compilation command
gradle compileJava
Execute Running Commands
gradle run
Visit http://localhost:8080/user/all
User names are filled in arbitrary strings, such as user1
Password must be filled in: 123456
You can also see the successful authentication page.
Entering other passwords will prompt for password errors
summary
By customizing the UserDetailsService class, user customization can be achieved.
Note: In the latest version of the spring boot framework, PasswordEncoder must display the definition, otherwise the password cannot be verified.