我们在 Spring 方面遇到了问题。 我们的身份验证功能在数据库中找不到指定用户角色的记录。 您可以在下面找到我们的权限查询,用户存在,但是通过电子邮件(用户名)进行身份验证,并且角色表只包含用户Account_ID。
手动查询数据库返回1个数据集,这确实是正确的,但是spring告诉我们以下内容:
DEBUG JdbcTemplate - Executing prepared SQL query
DEBUG JdbcTemplate - Executing prepared SQL statement [Select Account_ID,password,activated from Account where email=?]
DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
DEBUG DriverManagerDataSource - Creating new JDBC DriverManager Connection to [jdbc:mysql://*****]
DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
DEBUG JdbcTemplate - Executing prepared SQL query
DEBUG JdbcTemplate - Executing prepared SQL statement [SELECT Account_ID,role FROM Account_Roles WHERE Account_ID=(SELECT Account_ID from Account WHERE email=?)]
DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
DEBUG DriverManagerDataSource - Creating new JDBC DriverManager Connection to [jdbc:mysql://****]
DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
DEBUG JdbcUserDetailsManager - User 'admin@admin.de' has no authorities and will be treated as 'not found'
DEBUG DaoAuthenticationProvider - User 'admin@admin.de' not found
我们的权限查询:
SELECT Account_ID,role FROM Account_Roles WHERE Account_ID=(SELECT Account_ID from Account WHERE email=?)
我们的身份验证方法:
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception
{
String usersByEmailQuery = "Select Account_ID,password,activated from Account where email=?";
String authoritiesByUsernameQuery = "Select Account.email,Account_Roles.role from Account_Roles join Account on Account_Roles.Account_ID=Account.Account_ID where Account.email=?";
String authoritiesByUsernameQueryNew = "SELECT Account_ID,role FROM Account_Roles WHERE Account_ID=(SELECT Account_ID from Account WHERE email=?)";
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery(
usersByEmailQuery)
.authoritiesByUsernameQuery(
authoritiesByUsernameQueryNew)
.passwordEncoder(bCryptPasswordEncoder);
}
感谢您的帮助
最佳答案
问题已解决
问题是,在第一个查询之后,第二个查询中使用了主键,而不是第一个查询中使用的相同参数,因此第二个查询最终搜索了 email=1(Account_ID) 。要指定它:
DEBUG JdbcTemplate - Executing prepared SQL statement [Select Account_ID,password,activated from Account where email=?]
DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
DEBUG DriverManagerDataSource - Creating new JDBC DriverManager Connection to [jdbc:mysql://db4free.net:3306/frozencat?useSSL=false]
TRACE StatementCreatorUtils - Setting SQL statement parameter value: column index 1, parameter value [admin@admin.de], value class [java.lang.String], SQL type unknown
DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
DEBUG JdbcTemplate - Executing prepared SQL query
DEBUG JdbcTemplate - Executing prepared SQL statement [SELECT Account_ID,role FROM Account_Roles WHERE Account_ID=?]
DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
DEBUG DriverManagerDataSource - Creating new JDBC DriverManager Connection to [jdbc:mysql://db4free.net:3306/frozencat?useSSL=false]
TRACE StatementCreatorUtils - Setting SQL statement parameter value: column index 1, parameter value [1], value class [java.lang.String], SQL type unknown
DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
INFO AuthenticationEventListener - Login attempt with username: 1 Success: true
所以查询现在看起来像这样:
String usersByEmailQuery = "Select Account_ID,password,activated from Account where email=?";
String authoritiesByUsernameQuery = "SELECT Account_ID,role FROM Account_Roles WHERE Account_ID=?";
关于java - Spring框架未找到具有正确查询的权限,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35321757/