CODEWITHSUNDEEP
javaspring-bootintellij-idea
Bekjan Omirzak
Bekjan Omirzak

Reputation: 15

My log in account is not valid in spring boot

I want to log in with the accounts provided in userdetails method in spring boot, but it is not working. Here is my WebSecurityConfiguration class. It is giving me bad credentials.Any idea? I am new to spring boot.


@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private PasswordEncoder passwordEncoder;

    @Autowired
    public SecurityConfiguration(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/api/admin").hasRole("admin")
                .antMatchers("/api/user").hasRole("user")
                .antMatchers("/api/student").hasRole("STUDENT")
                .antMatchers("/api/computer").hasRole("COMPUTER")
                .antMatchers("/api/root").permitAll()
                .anyRequest().authenticated()
                .and().httpBasic()
                .and().formLogin();
    }

    @Override
    protected UserDetailsService userDetailsService() {
        UserDetails user = User.builder()
                .username("student")   //ROLE_STUDENT
                .password(passwordEncoder.encode("student"))
                .roles("STUDENT")
                .build();

        UserDetails user2 = User.builder()
                .username("computer")
                .password(passwordEncoder.encode("computer"))
                .roles("COMPUTER")
                .build();

        return new InMemoryUserDetailsManager(user, user2);
    }
}

Upvotes: 0

Views: 63

Answers (1)

Zhang Sen
Zhang Sen

Reputation: 26

You may need to add more details.

For example, which API you requested, what was it params, raw HTTP format is better.

I guess

.antMatchers("/api/admin").hasRole("admin")
.antMatchers("/api/user").hasRole("user")

you should use upper case "ADMIN" and "USER"

.antMatchers("/api/admin").hasRole("ADMIN")
.antMatchers("/api/user").hasRole("USER")

and add passwords to InMemoryUserDetailsManager

UserDetails user3 = User.builder()
                .username("user")
                .password(passwordEncoder.encode("user"))
                .roles("USER")
                .build();
UserDetails user4 = User.builder()
                .username("admin")
                .password(passwordEncoder.encode("admin"))
                .roles("ADMIN")
                .build();

Upvotes: 1

Related Questions