我正在關注 Spring Boot JPA 身份驗證安全教程。我已經為用戶和管理員設定了身份驗證。
但是在 MySQL 資料庫中,我有自定義角色,例如“校長”和“老師”和“學生”
如何將這些自定義角色添加到我的身份驗證中。
我假設我需要在 UserDetails 類中執行此操作。到目前為止,這是我的代碼
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
public class UserDetails implements UserDetails {
private String username;
private String password;
private boolean active;
private List<GrantedAuthority> authorities;
public MyUserDetails(User user) {
this.username = user.getUsername();
this.password = user.getPassword();
this.active = user.isActive();
this.authorities = Arrays.stream(user.getTheType().split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return active;
}
}
uj5u.com熱心網友回復:
對于教程/課程,當您(嘗試)重命名/重構時可以:
- 角色(用戶、管理員...角色或權限?tomayto、tomahto(只需添加/截斷一個
ROLE_;) - 資料庫列。
但是,侵入性最小且非常有效(僅適用于 2 個角色/少陣列合)的方法如下:
// adjust to requirements:
static final String REGEX_USERS = "student"; // exact match
static final String REGEX_ADMINS = "(teacher|principal)"; // group OR match
static final String AUTH_ADMINS = "ADMINS";
static final String AUTH_USERS = "USERS";
...進而:
this.authorities = Arrays.stream(
user
.getTheType()
.replaceAll(REGEX_USERS, USERS)
.replaceAll(REGEX_ADMINS, ADMINS)
.split(",")
)
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
獨立測驗:
package com.example.demo;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
class TestO {
static final String REGEX_USERS = "student";
static final String REGEX_ADMINS = "(teacher|principal)";
static final String AUTH_ADMINS = "ADMINS";
static final String AUTH_USERS = "USERS";
public static void main(String[] args) {
String testData1 = "student";
String testData2 = "teacher,principal";
List<GrantedAuthority> result1 = Arrays.stream(testData1
.replaceAll(REGEX_USERS, AUTH_USERS)
.replaceAll(REGEX_ADMINS, AUTH_ADMINS)
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
System.out.format("%s%n", result1);
List<GrantedAuthority> result2 = Arrays.stream(testData2
.replaceAll(REGEX_USERS, AUTH_USERS)
.replaceAll(REGEX_ADMINS, AUTH_ADMINS)
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
System.out.format("%s%n", result2);
}
}
印刷:
[USERS]
[ADMINS, ADMINS]
如果我對角色映射的假設(!)是正確的:
- 全部
student都是USERS - 全部
teacher都是ADMINS - 只有 1 個(少數)……
principal而且ADMIN(還有teacher?? ……拜托!學校系統差異很大……;-) principal是唯一一個在他的(權限)串列中有逗號的人!?- (不
student為teacher!?)
那么可能(以及在任何“特定授權”的情況下):
private java.util.Set<GrantedAuthority> authorities;
...然后還有:
Collectors.toSet() // refacotrings
更可取!(Set 和 List 有什么區別?!;)
所以:
Set<GrantedAuthority> result2 = Arrays.stream(testData2
.replaceAll(REGEX_USERS, "USERS")
.replaceAll(REGEX_ADMINS, "ADMINS")
.split(","))
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toSet());
System.out.format("%s%n", result2);
印刷:
...
[ADMINS]
另請參閱(注冊有效的字串替換):
Java一次(或以最有效的方式)替換字串中的多個不同子字串
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/372974.html
下一篇:如何解決toMap中的空值