此为使用spring security 5.x 时出现的问题
解决方法一:
(使用 @Bean 或 @Component )注册一个PasswordEncoder类型的bean到IOC容器中,在匹配的过程中会自动封装。
解决方法二:
定义一个PasswordEncoder的实现类,并在定制认证规则的configure(AuthenticationManagerBuilder auth)方法体中指定使用这个PasswordEncoder的实例。如下:
public class MyPasswordEncoder implements PasswordEncoder {
@Override
public String encode(CharSequence charSequence) {
return charSequence.toString();
}
@Override
public boolean matches(CharSequence charSequence, String s) {
return s.equals(charSequence.toString());
}
}
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
//定制请求的授权规则
http.authorizeRequests().antMatchers("/").permitAll()
.antMatchers("/level1/**").hasRole("VIP1")
.antMatchers("/level2/**").hasRole("VIP2")
.antMatchers("/level3/**").hasRole("VIP3");
}
//定义认证规则
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//super.configure(auth);
auth.inMemoryAuthentication().passwordEncoder(new MyPasswordEncoder())
.withUser("zhangsan").password("123456").roles("VIP1","VIP2");
}
}