Spring Security 密码验证
2020-06-30 18:46:26 32 举报Spring Security 密码验证
作者其他创作
大纲/内容
Authentication
4
Spring Security 核心组件
retrieveUser方法中使用UserDetailsService获取用户UserDetails对象
Spring Security 密码验证
5
DaoAuthenticationProvider
- passwordEncoder:PasswordEncoder- userDetailsService:UserDetailsService- userDetailsPasswordService:UserDetailsPasswordService
...
2
1
UsernamePasswordAuthenticationToken
- principal:Object- credentials:Object
UserDetailsService
+ loadUserByUsername(String):UserDetails
AbstractAuthenticationToken
- authorities:Collection<GrantedAuthority>- details:Object- authenticated:boolean = false
AuthenticationManager
+ authenticate(Authentication):Authentication
AuthenticationProvider
+ authenticate(Authentication):Authentication+ supports(Class<?>):boolean
additionalAuthenticationChecks方法中使用PasswordEncoder校验密码
AbstractUserDetailsAuthenticationProvider
PasswordEncoder
ProviderManager
3
抽象类在实现接口的authenticate方法里调用了另外两个方法:additionalAuthenticationChecks和retrieveUser。这两个方法由子类具体实现
Spring Security 核心组件实现
0 条评论
下一页
