问题:
获取Spring Security上的用户详细信息的GrantedAuthority为空
蒯硕
这是我在spring Security中的
public class UserDetail implements UserDetailsService {
@Autowired
User_service user_service;
@Override
public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException {
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
com.domain.User user = user_service.findByUserName(userId);
return new User(user.getUserId(), user.getPassword(), enabled,
accountNonExpired, credentialsNonExpired,
accountNonLocked, this.getGrantedAuthorities(user));
}
public List<GrantedAuthority> getGrantedAuthorities(com.domain.User user) {
List<GrantedAuthority> role_name = null;
List<Role> roles = user.getRoles();
try {
for(Role role : roles) {
role_name.add(new GrantedAuthorityImpl(role.getName()));
}
} catch(Exception ex) {
System.out.println(ex.toString());
}
return role_name;
}
}
我得到了一个例外:
org.springframework.security.authentication.InternalAuthenticationServiceException: Cannot pass a null GrantedAuthority collection
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:110)
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:132)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:177)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:357)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:260)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:188)
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191)
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168)
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
at java.lang.Thread.run(Thread.java:724)
Caused by: java.lang.IllegalArgumentException: Cannot pass a null GrantedAuthority collection
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.security.core.userdetails.User.sortAuthorities(User.java:146)
at org.springframework.security.core.userdetails.User.<init>(User.java:108)
在GetGrantedAuthorities方法中找到用户对象时,我对其进行测试,但当我要将角色名添加到GrantedAuthorities列表时,它引发异常“无法传递null的GrantedAuthorities集合”。为什么GrantedAuthority返回null?
我很确定“user”对象不是空的,我检查了它。
共有1个答案
哈和惬
您的role_name为空。尝试更改列表
由列表
更改。
此外,user.getRoles()应该返回一个空集合。
类似资料:
-
Amazon标识管理iam=Amazon标识管理客户端Builder.standard()。US_EAST_1)。 有人能告诉我怎么做吗? 我试图在下面的程序中列出一个用户的标签,但我得到了下面的错误:我们计算的请求签名与您提供的签名不匹配。检查您的AWS秘密访问密钥和签名方法。有关详细信息,请参阅维修文档。 公共类ListUserTags{ }
-
目前,我正在使用以下内容将用户登录到我的应用程序中。然而,我想使用一个角函数来实际执行登录。为此,我想创建一个Rest网络服务来进行身份验证,但是我在SO上看到的所有示例都使用我认为被贬低的用户。我还希望该服务返回有关用户的信息。 我要问的是如何将MyUserDetailsService更改为用作登录的restful服务,或者如何创建一个可用于登录的服务,该服务将在登录后返回用户对象。 这是我的a
-
以下是我希望通过REST API从Keycloak检索的参数: 领域名称 领域ID 用户名 电子邮件 名字 已启用用户 是否有人使用REST API从keycloak获取这些细节,请分享REST API URL细节。
-
我是Spring MVC和Spring Security的新手。我已经使用Spring Security和MVC执行了登录和注册功能。我找不到任何会话管理的方法。 我想访问所有页面上的一些用户信息,如(电子邮件,姓名,id,角色等)。我想将这些保存到会话对象中,这样我就可以在任何页面上获取这些内容。 我在Spring的会议得到以下方式 但是从这个返回的对象中,我只能得到用户名和密码的详细信息。 但
-
接口说明 获取角色详细信息 如需调用,请访问 开发者文档 来查看详细的接口使用说明 该接口仅开放给已获取SDK的开发者 API地址 GET /permissions/api/team/role/v1.0.0/info 是否需要登录 是 请求字段说明 参数 类型 请求类型 是否必须 说明 token string header 是 当前登录用户的TOKEN roleId string query 是