我试图缓存UserDetails loadUserByUsername(字符串用户名)的问题是,在缓存后,结果是正确的用户,但密码总是设置为null但缓存时它不是null
@Service
公共类MyUserDetailsService实现UserDetailsService {
@Autowired
UserRepository userRepository;
@Cacheable(value="usersLogged" ,key="#username" ,unless="#result.password==null")
@Override
public org.springframework.security.core.userdetails.User loadUserByUsername(
String username) throws UsernameNotFoundException {
try {
// User user = userRepository.getUserByEmail(username); Switch to id
// token base
User user = userRepository.findOne(username);
if (user == null) {
throw new UsernameNotFoundException(
"Invalid username/password.");
}
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = user.isActive();
String userN = user.getId(); // the suer is in the system
String pass = user.getPassword();
Collection<? extends GrantedAuthority> authorities = AuthorityUtils
.createAuthorityList(user.getRole().toString());
org.springframework.security.core.userdetails.User userBuild = new org.springframework.security.core.userdetails.User(
userN, pass, user.isEnabled(), accountNonExpired,
credentialsNonExpired, accountNonLocked, authorities);
return userBuild;
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
return null;
// throw new
// UsernameNotFoundException("Invalid username/password.");
}
}
}
1 回答
当公共可见性密码受到保护时, spring 缓存似乎存在问题缓存在手册中使用代理时,您应该仅将缓存注释应用于具有公共可见性的方法 . 如果使用这些注释对带保护的,私有的或包可见的方法进行注释,则不会引发错误,但带注释的方法不会显示已配置的高速缓存设置 . 如果需要注释非公共方法,请考虑使用AspectJ(见下文),因为它会更改字节码本身