我尝试使用 Spring Boot Security 制作简单的登录代码。首先,这是 application.properties 代码,其中包含登录查询。
server.error.whitelabel.enabled=FALSE
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost/test?characterEncoding=utf8&serverTimezone=UTC
spring.datasource.username=root
spring.datasource.password=password
spring.queries.users-query=select user_name, password_hash, id from users where user_name=?
spring.queries.roles-query=select user_name, 'ADMIN' AS 'role' from users where user_name=?
下面的代码是关于Spring Boot登录安全性的
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
@Value("{spring.queries.users-query}")
private String usersQuery;
@Value("{spring.queries.roles-query}")
private String rolesQuery;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// TODO Auto-generated method stub
auth.jdbcAuthentication().usersByUsernameQuery(usersQuery).authoritiesByUsernameQuery(rolesQuery)
.dataSource(dataSource).passwordEncoder(bCryptPasswordEncoder);
}
问题是我不知道如何将 user_name 值传输到 application.properties 文件的 spring.queries.users-query 语句中。我执行这个spring boot安全代码没有任何修改,但是抛出异常是这样的,
2018-12-15 16:03:00.821 ERROR 2284 --- [nio-8090-exec-1] w.a.UsernamePasswordAuthenticationFilter : An internal error occurred while trying to authenticate the user.
Caused by: org.springframework.dao.TransientDataAccessResourceException: PreparedStatementCallback; SQL [{spring.queries.users-query}]; Parameter index out of range (1 > number of parameters, which is 0).; nested exception is java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).
at org.springframework.jdbc.support.SQLStateSQLExceptionTranslator.doTranslate(SQLStateSQLExceptionTranslator.java:110) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:72) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.translateException(JdbcTemplate.java:1402) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:620) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:657) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:688) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:700) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:751) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl.loadUsersByUsername(JdbcDaoImpl.java:227) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl.loadUserByUsername(JdbcDaoImpl.java:184) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:104) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
... 57 common frames omitted
Caused by: java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:965) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.PreparedStatement.checkBounds(PreparedStatement.java:3367) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.PreparedStatement.setInternal(PreparedStatement.java:3352) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.mysql.jdbc.PreparedStatement.setString(PreparedStatement.java:4068) ~[mysql-connector-java-5.1.47.jar:5.1.47]
at com.zaxxer.hikari.pool.HikariProxyPreparedStatement.setString(HikariProxyPreparedStatement.java) ~[HikariCP-2.7.9.jar:na]
at org.springframework.jdbc.core.StatementCreatorUtils.setValue(StatementCreatorUtils.java:400) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.StatementCreatorUtils.setParameterValueInternal(StatementCreatorUtils.java:232) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.StatementCreatorUtils.setParameterValue(StatementCreatorUtils.java:163) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.ArgumentPreparedStatementSetter.doSetValue(ArgumentPreparedStatementSetter.java:69) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.ArgumentPreparedStatementSetter.setValues(ArgumentPreparedStatementSetter.java:50) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:664) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:605) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
... 64 common frames omitted
如何将user_name值传递到Spring安全配置的登录SQL语句中?
最佳答案
看起来问题出在 @Value 注释上。它应该用作 @Value("${<property}") ,如果没有正确使用,Spring boot不会绑定(bind)该值。
@Value("${spring.queries.users-query}")
private String usersQuery;
@Value("${spring.queries.roles-query}")
private String rolesQuery;
您不需要在此处传递/附加用户名值。 usersByUsernameQuery()是显式设置查询。
关于java - 如何将用户名传递到 Spring Boot 安全性的 application.properties 的登录 SQL 代码中?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53808172/