WebSecurityConfig类
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserService userSevice;
@Autowired
private PasswordEncoder passwordEncoder;
@Bean
public PasswordEncoder getPasswordEncoder() {
return new BCryptPasswordEncoder(8);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/registration", "/static/**", "/about").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userSevice)
.passwordEncoder(passwordEncoder);
}
}
UserService类
public class UserService implements UserDetailsService {
@Autowired
private UserRepo userRepo;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userRepo.findByUsername(username);
System.out.println(username);
if (user == null) {
throw new UsernameNotFoundException("User not found");
}
return user;
}
}
UserDetailsService只显示用户名,但我希望它能让我看到输入的密码,我输入system.out.printl(username)进行验证,然后显示,而且我不知道如何输出密码。它们来自数据库。在此先感谢。请为我的英语服务
所以,从本质上讲,你想要的是从AuthenticationManagerBuilder的auth对象通过客户端发送的密码。如果是,则无法进行此操作,因为密码存储在不可逆的哈希值中。
如果您想从DB获取密码,可以致电user.getPassword()。
HttpServletRequest request =((ServletRequestAttributes)RequestContextHolder.getRequestAttributes()).getRequest();
String passwordFromForm = request.getParameter("password");