当前位置: 首页 > 知识库问答 >
问题:

使用jdbcAuthentication抛出的Spring Security没有为id“null”映射的PasswordEncoder

司寇安宜
2023-03-14

我目前正在使用h2数据库学习SpringSecurity和spring boot。

当我尝试通过它抛出的用户名和密码登录时,我使用jdbcAuthentication进行身份验证:

<代码>java。lang.IllegalArgumentException:没有为id“null”映射的密码编码器

我使用密码编码器作为:PasswordEncoderFactories。createDelegatingPasswordEncoder()

这是错误日志

 .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.2.6.RELEASE)

2020-04-28 01:55:46.232  INFO 22525 --- [           main] c.s.s.SpringSecurityJdbcApplication      : Starting SpringSecurityJdbcApplication on harsh with PID 22525 (/home/harsh/rapid/chatak-pg-microservices/spring-security-jdbc/target/classes started by harsh in /home/harsh/rapid/chatak-pg-microservices/spring-security-jdbc)
2020-04-28 01:55:46.235  INFO 22525 --- [           main] c.s.s.SpringSecurityJdbcApplication      : No active profile set, falling back to default profiles: default
2020-04-28 01:55:46.943  INFO 22525 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JDBC repositories in DEFAULT mode.
2020-04-28 01:55:46.966  INFO 22525 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 16ms. Found 0 JDBC repository interfaces.
2020-04-28 01:55:47.467  INFO 22525 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2020-04-28 01:55:47.475  INFO 22525 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2020-04-28 01:55:47.475  INFO 22525 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.33]
2020-04-28 01:55:47.527  INFO 22525 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2020-04-28 01:55:47.527  INFO 22525 --- [           main] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 1242 ms
2020-04-28 01:55:47.686  INFO 22525 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2020-04-28 01:55:47.784  INFO 22525 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2020-04-28 01:55:47.993  INFO 22525 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@46678e49, org.springframework.security.web.context.SecurityContextPersistenceFilter@3fae596, org.springframework.security.web.header.HeaderWriterFilter@1d25c1c, org.springframework.security.web.csrf.CsrfFilter@27b000f7, org.springframework.security.web.authentication.logout.LogoutFilter@67e28be3, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@6f3f0fae, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@4a5905d9, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@748e9b20, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@42fcc7e6, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@73017a80, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@2063c53e, org.springframework.security.web.session.SessionManagementFilter@5bca7664, org.springframework.security.web.access.ExceptionTranslationFilter@333cb916, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@1b29d52b]
2020-04-28 01:55:48.147  INFO 22525 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
2020-04-28 01:55:48.533  INFO 22525 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2020-04-28 01:55:48.536  INFO 22525 --- [           main] c.s.s.SpringSecurityJdbcApplication      : Started SpringSecurityJdbcApplication in 2.688 seconds (JVM running for 3.258)
2020-04-28 01:55:51.231  INFO 22525 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2020-04-28 01:55:51.231  INFO 22525 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2020-04-28 01:55:51.240  INFO 22525 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 9 ms
2020-04-28 01:55:57.071 ERROR 22525 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
    at org.springframework.security.crypto.password.DelegatingPasswordEncoder$UnmappedIdPasswordEncoder.matches(DelegatingPasswordEncoder.java:250) ~[spring-security-core-5.2.2.RELEASE.jar:5.2.2.RELEASE]

这是我的SpringSecurity课程

SpringSecurity。Java语言

安全配置:

@Configuration
@EnableWebSecurity
public class SpringSecurity extends WebSecurityConfigurerAdapter {
    @Autowired
    DataSource dataSource;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        .antMatchers("/admin").hasRole("ADMIN")
        .antMatchers("/user").hasAnyRole("ADMIN","USER")
        .antMatchers("/home").permitAll()
        .and()
        .formLogin();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
        .dataSource(dataSource)
        .passwordEncoder(getPassword()); 
    }

    public PasswordEncoder getPassword() {
        //actually do nothing 
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

}

HomeController.java

@RestController
public class HomeController {

    @GetMapping("/home")
    public String home() {
        return ("<h1>Welome to Spring Security</h1>");
    }

    @GetMapping("/admin")
    public String admin() {
        return ("<h1>Welome ADMIN user to Spring Security</h1>");
    }

    @GetMapping("/user")
    public String user() {
        return ("<h1>Welome USER user to Spring Security</h1>");
    }
}

application.properties

spring.datasource.continue-on-error=true
spring.datasource.initialize=true
spring.datasource.separator=;
spring.datasource.sql-script-encoding=UTF-8

数据sql

insert into users (username,password,enabled) values ('user','user',true);
insert into users (username,password,enabled) values ('sadmin','admin',true);
insert into authorities(username,authority) values ('user','ROLE_USER');
insert into authorities(username,authority) values ('sadmin','ROLE_ADMIN');

架构。sql

drop table users;
drop table authorities;
drop index ix_auth_username;

create table users(
    username varchar_ignorecase(50) not null primary key,
    password varchar_ignorecase(50) not null,
    enabled boolean not null
);

create table authorities (
    username varchar_ignorecase(50) not null,
    authority varchar_ignorecase(50) not null,
    constraint fk_authorities_users foreign key(username) references users(username)
);
create unique index ix_auth_username on authorities (username,authority);

以下是所附的项目截图:

共有2个答案

朱兴运
2023-03-14

你应该把@Bean:

@Bean
public PasswordEncoder getPassword() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}

此外,personnaly我使用BCrypt并将其设置在身份验证提供程序上:

@Override
protected void configure(AuthenticationManagerBuilder auth) {
    auth.authenticationProvider(authenticationProvider());
}

@Bean
PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
}
@Bean
DaoAuthenticationProvider authenticationProvider(){
    DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
    daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
    daoAuthenticationProvider.setUserDetailsService(YourUserDetailsService);

    return daoAuthenticationProvider;
}
商弘义
2023-03-14

如果要确保密码编码器真的不起任何作用,可以使用:

@Bean
public PasswordEncoder passwordEncoder() { 
    return NoOpPasswordEncoder.getInstance(); 
}

这只是出于教育原因。
不要在实际项目中使用它。

 类似资料:
  • 问题内容: 我正在从Spring Boot 1.4.9迁移到Spring Boot 2.0,还迁移到Spring Security 5,并且正在尝试通过OAuth 2进行身份验证。但是我收到此错误: java.lang.IllegalArgumentException:没有为id“ null映射的PasswordEncoder 从Spring Security 5的文档中,我知道密码的存储格式已更

  • 我正在从Spring Boot1.4.9迁移到Spring Boot2.0,也迁移到Spring Security5,我试图通过OAuth2进行身份验证。但是我得到了这个错误: IllegalArgumentException:没有为id“null”映射的PasswordEncoder 编码密码不像BCrypt 因此,我根据Spring Security5文档将编码器更新为: 现在,如果我能在数据

  • 我正在从Spring Boot 1.5.12迁移到Spring Boot 2.0和Spring Security 5,并试图通过OAuth 2进行身份验证。但即使在使用委托{noop}之后,我也会遇到这个错误: Java语言lang.IllegalArgumentException:没有为id“null”映射的PasswordEncoder 这是我的代码: SecurityConfig安全配置 O

  • 我的代码在spring版本1.5.6中运行良好。释放。但当我将版本升级到2.0.0时,我的一些方法已被弃用,但效果很好。当我通过查看没有为id“null”映射的PasswordEncoder和数据库身份验证来更改我不推荐的方法时,它开始给我错误“没有PasswordEncoder” 这是我的代码。 网络配置 账户控制员 用户服务 我看到了所有相关的答案,但它们可用于inMemory身份验证。Spr

  • 我是springsecurity的新手,尝试在我的项目中使用springstecurity,因为这个错误不断出现 这是我的道课 这是我的凭证类 我认为错误存在于此代码中 这是用户详细信息 这是用户详细信息的实现 这就是正在流行的错误 最后,这是我的数据库,其中存储了用户名和密码的数据库表 这个错误让我发疯,我做了一切事情来阻止这一点,但这是一次又一次的弹出,基本上我的项目是logIn系统,其中一个

  • 我是Spring安全的新手。使用Spring 4.3和Spring Security 5.0。一切都在运行。登录页面也出现了。如果您输入了错误的密码,则表明您的登录尝试未成功,请重试。好但正确的密码引发异常 我的Spring\u安全。XML是 我的网站。xml 我的控制器类 .一旦获得正确的凭据,就没有为id“null”映射的密码编码器