UsernamePasswordAuthenticationToken

最新推荐文章于 2024-01-16 15:11:41 发布

漫玥刚花

最新推荐文章于 2024-01-16 15:11:41 发布

阅读量2w

点赞数 2

分类专栏： Spring Cloud Oauth2

本文链接：https://blog.csdn.net/gangsijay888/article/details/81545843

版权

Spring Cloud Oauth2 专栏收录该内容

20 篇文章 2 订阅

订阅专栏

UsernamePasswordAuthenticationToken继承AbstractAuthenticationToken实现Authentication
所以当在页面中输入用户名和密码之后首先会进入到UsernamePasswordAuthenticationToken验证(Authentication)，
然后生成的Authentication会被交由AuthenticationManager来进行管理
而AuthenticationManager管理一系列的AuthenticationProvider，
而每一个Provider都会通UserDetailsService和UserDetail来返回一个
以UsernamePasswordAuthenticationToken实现的带用户名和密码以及权限的Authentication

复制代码

public class SecurityProvider implements AuthenticationProvider {
    @Autowired
    private MyUserDetailService userDetailsService;
    @Override
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
//
        UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication;
        UserDetails userDetails = userDetailsService.loadUserByUsername(token.getName());
        if (userDetails == null) {
            throw new UsernameNotFoundException("找不到该用户");
        }
        if(!userDetails.getPassword().equals(token.getCredentials().toString()))
        {
              throw new BadCredentialsException("密码错误");
        }
        return new UsernamePasswordAuthenticationToken(userDetails,userDetails.getPassword(),userDetails.getAuthorities());
    }

    @Override
    public boolean supports(Class<?> authentication) {
        // TODO Auto-generated method stub
        return UsernamePasswordAuthenticationToken.class.equals(authentication);
    }

}

复制代码

https://github.com/Somersames/MySecurity

http://www.jdon.com/dl/best/securing-rest-services-with-spring.html.html

http://stackoverflow.com/questions/8764545/how-to-get-active-users-userdetails/8769670#8769670