问题遇到的现象和发生背景
写了两个 WebSecurityConfigurerAdapter 的实现类,但是只有一个有效。
问题背景是,我有两种用户类,数据库中也分为两个表,我想要能够实现两种用户根据url不同分开登录。
问题相关代码,请勿粘贴截图
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig {
@Bean
public BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Autowired
UserDetailServiceImpl userDetailsService1;
@Autowired
MyUserDetailServiceImpl userDetailsService2;
// @Autowired
// public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// auth.userDetailsService(userDetailsService2).passwordEncoder(passwordEncoder());
//
// auth.userDetailsService(userDetailsService1).passwordEncoder(passwordEncoder());
//
// }
@Configuration
// @Order(1)
public class UserSecurityConfig extends WebSecurityConfigurerAdapter {
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService2)
.passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
//集成了springSecurity框架,导致页面无法被iframe引用。
http.headers()
.frameOptions()
.sameOrigin()
.httpStrictTransportSecurity().disable();
http
.authorizeRequests()
.antMatchers("/UserLogin.jsp","/css/**","/images/**","/js/**","/us/**")
.permitAll()
.anyRequest().authenticated();
http.formLogin()
.loginPage("/us/login")
.loginProcessingUrl("/us/login")
.usernameParameter("userAccoun")//自定义用户名表单元素的name
.passwordParameter("pwd")//自定义密码表单元素的name
.defaultSuccessUrl("/pJump/toHpage");
}
}
@Configuration
@Order(2)
public class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService1)
.passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
//集成了springSecurity框架,导致页面无法被iframe引用。
http.headers()
.frameOptions()
.sameOrigin()
.httpStrictTransportSecurity().disable();
http
.authorizeRequests()
.antMatchers("/login.jsp","/css/**","/images/**","/js/**","/adm/**")
.permitAll()
.anyRequest().authenticated();
http.formLogin()
.loginPage("/adm/login")
.loginProcessingUrl("/adm/login")
.usernameParameter("uname")//自定义用户名表单元素的name
.passwordParameter("pwd")//自定义密码表单元素的name
.defaultSuccessUrl("/login/toMain");
}
}
}