Spring security Userdetails 无法转换为我自己的用户实现
Spring security Userdetails cannot be cast to my own user implementation
我有一个 User class 实现了 spring 安全 UserDetails。但是,在登录请求的身份验证期间,它给出了一个 ClassCastException,UserDetails 无法转换为我的 User class.
完整错误:
java.lang.ClassCastException: class
org.springframework.security.core.userdetails.User cannot be cast to
class nl.teamrepositories.vliegmaatschappij.security.domain.User
(org.springframework.security.core.userdetails.User is in unnamed
module of loader 'app';
nl.teamrepositories.vliegmaatschappij.security.domain.User is in
unnamed module of loader
org.springframework.boot.devtools.restart.classloader.RestartClassLoader
@6ef8cb6)
用户:
package nl.teamrepositories.vliegmaatschappij.security.domain;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.*;
import java.util.Collection;
import java.util.List;
@Entity
@Table(name = "users")
@Getter @Setter @NoArgsConstructor
public class User implements UserDetails {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false, unique = true)
private String firstName;
private String lastName;
private String username;
private String password;
private boolean enabled;
private boolean tokenExpired;
public User(String firstName, String lastName, String username, String password) {
this.firstName = firstName;
this.lastName = lastName;
this.username = username;
this.password = password;
}
@ManyToMany
@JoinTable(
name = "users_roles",
joinColumns = @JoinColumn(
name = "user_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(
name = "role_id", referencedColumnName = "id"))
private Collection<Role> roles;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return List.of(new SimpleGrantedAuthority("ROLE_USER"));
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
在 JwtAuthenticationFilter 中:
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain, Authentication authentication) {
User user = (User) authentication.getPrincipal(); // this is where the error occurs
// more code
}
我不明白为什么我的 User class 不能转换为 Spring 的 UserDetails class。
我应该改变什么?
提前致谢。
检查您在 JwtAuthenticationFilter 中的导入。我猜你使用的是 import org.springframework.security.core.userdetails.User 而不是你自己的 class import nl.teamrepositories.vliegmaatschappij.security.domain.User:
import nl.teamrepositories.vliegmaatschappij.security.domain.User;
(...)
public class JwtAuthenticationFilter {
(...)
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain, Authentication authentication) {
User user = (User) authentication.getPrincipal(); // this is where the error occurs
// more code
}
}
在这里或代码中的其他地方,您使用了错误的 User class(Spring 一个而不是您的)。
我有一个 User class 实现了 spring 安全 UserDetails。但是,在登录请求的身份验证期间,它给出了一个 ClassCastException,UserDetails 无法转换为我的 User class.
完整错误:
java.lang.ClassCastException: class org.springframework.security.core.userdetails.User cannot be cast to class nl.teamrepositories.vliegmaatschappij.security.domain.User (org.springframework.security.core.userdetails.User is in unnamed module of loader 'app'; nl.teamrepositories.vliegmaatschappij.security.domain.User is in unnamed module of loader org.springframework.boot.devtools.restart.classloader.RestartClassLoader @6ef8cb6)
用户:
package nl.teamrepositories.vliegmaatschappij.security.domain;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.*;
import java.util.Collection;
import java.util.List;
@Entity
@Table(name = "users")
@Getter @Setter @NoArgsConstructor
public class User implements UserDetails {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false, unique = true)
private String firstName;
private String lastName;
private String username;
private String password;
private boolean enabled;
private boolean tokenExpired;
public User(String firstName, String lastName, String username, String password) {
this.firstName = firstName;
this.lastName = lastName;
this.username = username;
this.password = password;
}
@ManyToMany
@JoinTable(
name = "users_roles",
joinColumns = @JoinColumn(
name = "user_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(
name = "role_id", referencedColumnName = "id"))
private Collection<Role> roles;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return List.of(new SimpleGrantedAuthority("ROLE_USER"));
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
在 JwtAuthenticationFilter 中:
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain, Authentication authentication) {
User user = (User) authentication.getPrincipal(); // this is where the error occurs
// more code
}
我不明白为什么我的 User class 不能转换为 Spring 的 UserDetails class。
我应该改变什么?
提前致谢。
检查您在 JwtAuthenticationFilter 中的导入。我猜你使用的是 import org.springframework.security.core.userdetails.User 而不是你自己的 class import nl.teamrepositories.vliegmaatschappij.security.domain.User:
import nl.teamrepositories.vliegmaatschappij.security.domain.User;
(...)
public class JwtAuthenticationFilter {
(...)
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain, Authentication authentication) {
User user = (User) authentication.getPrincipal(); // this is where the error occurs
// more code
}
}
在这里或代码中的其他地方,您使用了错误的 User class(Spring 一个而不是您的)。