您必须创建一个单独的service
实现org.springframework.security.core.userdetails.UserDetailsService
并将其注入AuthenticationManagerBuilder
。
@Component
public class SecUserDetailsService implements UserDetailsService{
@Autowired
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
/*Here add user data layer fetching from the MongoDB.
I have used userRepository*/
User user = userRepository.findByUsername(username);
if(user == null){
throw new UsernameNotFoundException(username);
}else{
UserDetails details = new SecUserDetails(user);
return details;
}
}
}
UserDetails
也应实施。这是POJO,它将在Spring之前保留用户身份验证的详细信息。正如我已经做过的那样,您可以将包装在其中的实体数据对象包括在内。
public class SecUserDetails implements UserDetails {
private User user;
public SecUserDetails(User user) {
this.user = user;
}
......
......
......
}
自动连接我们之前创建的服务,并将其设置在 AuthenticationManagerBuilder
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
SecUserDetailsService userDetailsService ;
@Autowired
public void configAuthBuilder(AuthenticationManagerBuilder builder) throws Exception {
builder.userDetailsService(userDetailsService);
}
}