一、在用户对象的密码显示设置为下面的方式User user = new User(sysUser.getUsername(), sysUser.getPassword(), collection);
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 根据用户名获取用户对象
SysUser sysUser = sysUserDao.findByUsername(username);
if(sysUser!=null){
// 创建角色集合对象
Collection<GrantedAuthority> collection = new ArrayList<>();
// 创建临时角色对象
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_USER");
// 对象添加到集合中
collection.add(grantedAuthority);
User user = new User(sysUser.getUsername(), sysUser.getPassword(), collection);
return user;
}
return null;
}
二、在添加用户的service实现类中添加密码加密
//安全框架SpringSeurity加密
@Override
public void save(SysUser sysUser) {
// 获取明文密码
String password = sysUser.getPassword();
// 对明文密码加密
String encode = passwordEncoder.encode(password);
sysUser.setPassword(encode);
sysUserDao.save(sysUser);
}
三、修改spring-security.xml配置文件
<!-- 配置认证登录信息 认证管理器自带账户密码-->
<security:authentication-manager>
<!--提供服务类 去数据库查询账户密码-->
<security:authentication-provider user-service-ref="sysUserServiceImpl">
<security:password-encoder ref="passwordEncoder"/>
<!-- <security:user-service>-->
<!--临时账户密码
authorities:指定用户的认证角色
{noop}不加密-->
<!-- <security:user name="admin" password="{noop}admin" authorities="ROLE_USER"></security:user>-->
<!-- </security:user-service>-->
</security:authentication-provider>
</security:authentication-manager>
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
四、加密后登录不上问题解决方式---用BCryptPasswordEncoderUtils加密工具类进行密码加密,然后把加密后的密码存入数据库,就可以用加密前的密码登录了
package cn.kgc.utils;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//加密工具类
public class BCryptPasswordEncoderUtils {
private static BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
public static String encodePassword(String password){
return bCryptPasswordEncoder.encode(password);
}
public static void main(String[] args) {
String password="要加密的密码";
String pwd=encodePassword(password);
//输出加密后的密码存入数据库
System.out.println(pwd);
}
}