1. 技术文章
  2. How to pass username into login SQL codes of application.properties on Spring Boot security?

How to pass username into login SQL codes of application.properties on Spring Boot security?

我与影子孤独终老i 提交于 2020-01-11 14:17:13

问题


I try to make simple login codes with spring boot security. First, this is the application.properties codes which includes login query.

server.error.whitelabel.enabled=FALSE

spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost/test?characterEncoding=utf8&serverTimezone=UTC
spring.datasource.username=root
spring.datasource.password=password
spring.queries.users-query=select user_name, password_hash, id from users where user_name=?
spring.queries.roles-query=select user_name, 'ADMIN' AS 'role' from users where user_name=?

And Below codes are about spring boot login security 

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Value("{spring.queries.users-query}")
    private String usersQuery;

    @Value("{spring.queries.roles-query}")
    private String rolesQuery;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // TODO Auto-generated method stub
        auth.jdbcAuthentication().usersByUsernameQuery(usersQuery).authoritiesByUsernameQuery(rolesQuery)
            .dataSource(dataSource).passwordEncoder(bCryptPasswordEncoder);
    }

The problem is I have no idea how to transfer user_name value into spring.queries.users-query statement of application.properties file. I execute this spring boot security codes without any modification, but the exception is thrown like this,

2018-12-15 16:03:00.821 ERROR 2284 --- [nio-8090-exec-1] w.a.UsernamePasswordAuthenticationFilter : An internal error occurred while trying to authenticate the user.    

Caused by: org.springframework.dao.TransientDataAccessResourceException: PreparedStatementCallback; SQL [{spring.queries.users-query}]; Parameter index out of range (1 > number of parameters, which is 0).; nested exception is java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).
        at org.springframework.jdbc.support.SQLStateSQLExceptionTranslator.doTranslate(SQLStateSQLExceptionTranslator.java:110) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:72) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.translateException(JdbcTemplate.java:1402) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:620) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:657) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:688) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:700) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:751) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl.loadUsersByUsername(JdbcDaoImpl.java:227) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
        at org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl.loadUserByUsername(JdbcDaoImpl.java:184) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
        at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:104) ~[spring-security-core-5.0.9.RELEASE.jar:5.0.9.RELEASE]
        ... 57 common frames omitted
    Caused by: java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:965) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:898) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:887) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:861) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.PreparedStatement.checkBounds(PreparedStatement.java:3367) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.PreparedStatement.setInternal(PreparedStatement.java:3352) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.mysql.jdbc.PreparedStatement.setString(PreparedStatement.java:4068) ~[mysql-connector-java-5.1.47.jar:5.1.47]
        at com.zaxxer.hikari.pool.HikariProxyPreparedStatement.setString(HikariProxyPreparedStatement.java) ~[HikariCP-2.7.9.jar:na]
        at org.springframework.jdbc.core.StatementCreatorUtils.setValue(StatementCreatorUtils.java:400) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.StatementCreatorUtils.setParameterValueInternal(StatementCreatorUtils.java:232) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.StatementCreatorUtils.setParameterValue(StatementCreatorUtils.java:163) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.ArgumentPreparedStatementSetter.doSetValue(ArgumentPreparedStatementSetter.java:69) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.ArgumentPreparedStatementSetter.setValues(ArgumentPreparedStatementSetter.java:50) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:664) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:605) ~[spring-jdbc-5.0.10.RELEASE.jar:5.0.10.RELEASE]
        ... 64 common frames omitted

How can I pass the user_name value into the login SQL statement of Spring security configuration?


回答1:


It looks like the problem is with the @Value annotation. It should be used as @Value("${<property}"), Spring boot won't bind the value without proper usage.

@Value("${spring.queries.users-query}")
private String usersQuery;

@Value("${spring.queries.roles-query}")
private String rolesQuery;

You don't need to pass/append username value here. usersByUsernameQuery() is to set the query explicitly.



来源:https://stackoverflow.com/questions/53808172/how-to-pass-username-into-login-sql-codes-of-application-properties-on-spring-bo

标签
java
Spring
spring-boot
spring-security
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!