Authentification avec Oracle 11g xe, org.springframework.security.authentication.BadCredentialsException: Bad
Salut tout le monde,
je suis en train de développer une application sur spring boot avec le sgbd oracle 11g xe, tout marchait bien avec l'authentification jusqu'à ce que je me trouve avec cette erreur
Citation:
org.springframework.security.authentication.BadCredentialsException: Bad credentials
après quelques recherches sur google, j'ai eu l'impression que le problème venait de PasswordEncoder sauf que depuis j'ai tout modifié avec des changements total sans succès et j'ai besoin de votre aide. Ci-dessous quelques fragment de mon code.
1- fichier de configuration de sécurité
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
| package com.probip.spring;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import com.probip.security.CustomRememberMeServices;
import com.probip.security.MyAgentDetailsService;
@Configuration
@EnableWebSecurity
public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
/** Public URLs. */
private static final String[] PUBLIC_MATCHERS = {
"/login*", "/logout*", "/webjars/**", "/forgerpassword", "/registrationConfirm*", "/expiredAccount*",
"/badUser*", "/user/resendRegistrationToken*", "/forgetPassword*", "/user/resetPassword*",
"/user/changePassword*", "/emailError*", "/", "/error/**/*", "/error", "/images/**", "/css/**", "/js/**", "/district/create" };
@Autowired
private MyAgentDetailsService myAgentDetailsService;
@Autowired
private AuthenticationFailureHandler authenticationFailureHandler;
public SecSecurityConfig() {
super();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider());
}
@Override
public void configure(final WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.csrf().disable()
.authorizeRequests().antMatchers(PUBLIC_MATCHERS).permitAll()
.antMatchers("/invalidSession*").anonymous()
.antMatchers("/user/updatePassword*", "/user/savePassword*", "/updatePassword*")
.hasAuthority("CHANGE_PASSWORD_PRIVILEGE").anyRequest().hasAuthority("READ_PRIVILEGE").and().formLogin()
.failureUrl("/login?error=true").defaultSuccessUrl("/home").loginPage("/login").permitAll()
// .successHandler(myAuthenticationSuccessHandler)
//.failureHandler(authenticationFailureHandler)
// .authenticationDetailsSource(authenticationDetailsSource)
.permitAll().and().sessionManagement().invalidSessionUrl("/invalidsession").maximumSessions(1)
.sessionRegistry(sessionRegistry()).and().sessionFixation().none().and().logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/?logout")
.deleteCookies("JSESSIONID").permitAll().deleteCookies("JSESSIONID").permitAll().and().rememberMe()
.rememberMeServices(rememberMeServices()).key("theKey");
}
@Bean
public DaoAuthenticationProvider authProvider() {
final DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(myAgentDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(12);
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Bean
public RememberMeServices rememberMeServices() {
CustomRememberMeServices rememberMeServices = new CustomRememberMeServices("theKey", myAgentDetailsService, new InMemoryTokenRepositoryImpl());
return rememberMeServices;
}
} |
fichier de extension de loadUsername
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
| package com.probip.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.probip.persistence.entities.Agents;
import com.probip.persistence.repositories.AgentsRepository;
@Service
@Transactional
public class MyAgentDetailsService implements UserDetailsService {
@Autowired
private AgentsRepository agentsRepository;
public MyAgentDetailsService() {
super();
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
try {
final Agents agent = agentsRepository.findByUsername(username);
if (agent == null) {
throw new UsernameNotFoundException("No user found with username: " + username);
}
return new User(agent.getUsername(), agent.getPassword(),agent.isEnabled(), true,true,true,agent.getAuthorities());
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
} |
et mon fichier html
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
| <form class="form-signin" name='f' th:action="@{/login}" method="post"
onsubmit="return validate();">
<img class="mb-4" th:src="@{images/login.png}" width="72" height="72" />
<h1 class="h3 mb-3 font-weight-normal" th:text="#{login.login.text}">Please
sign in</h1>
<label for="inputEmail" class="sr-only"
th:text="#{login.username.text}">Email address</label> <input
type="text" id="username" name="username"
required="required" class="form-control" placeholder="Username"
autofocus> <label for="password" class="sr-only"
th:text="#{login.password.text}">Password</label> <input
type="password" id="password" class="form-control"
placeholder="Password" required>
<div class="checkbox mb-3">
<label> <input type="checkbox" value="remember-me"> <span
th:text="#{label.form.rememberMe}"></span>
</label>
<a th:href="@{/forgerpassword}" th:text="#{message.resetPassword}">reset</a>
</div>
<button class="btn btn-sm btn-outline-info btn-block" type="submit"
th:value="#{navbar.login.text}">Sign in</button>
</form> |
et mon fichier de CommanderRunner
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
| private final Agents createUserIfNotFound(final int id, final String nom, final String prenom, final Character sexe,
final String username, final String email, final String photo, final String dob, final String lieudob,
final String password, final int natid, final Collection<Groupes> superRole) {
Agents user = null;
if (agentsRepository.findByAgentemail(email) == null) {
Nationalities nat = nationalityService.findByNationalityid(natid);
user = new Agents();
user.setAgentid(id);
user.setAgentnom(nom);
user.setAgentprenom(prenom);
user.setAgentemail(email);
user.setAgentlieuxdob(lieudob);
user.setAgentsexe(sexe);
user.setAgentsexe(sexe);
user.setNationalitiesNationalityid(nat);
user.setUsername(username);
try {
user.setAgentdob(dateformat.parse(dob.replace("-", "/")));
} catch (ParseException e) {
e.printStackTrace();
}
user.setPassword(passwordEncoder.encode(password));
user.setGroupesList(superRole);
user.setEnabled(true);
user = agentsRepository.save(user);
}
return user;
}
@Override
public void run(String... args) throws Exception {
// == create initial user
createUserIfNotFound(1, "KANA", "Patrick", 'H', "fokana", "my@yahoo.fr", "1.png", "2999/05/05",
"Bamendou", "password", 7, new ArrayList<Groupes>(Arrays.asList(superRole, adminRole, agentRole)));
alreadySetup = true;
// == Create Init Nationality
} |
SVP j'ai besoin de votre aide pour résoudre mon problème
En passant je rappelle que je n'ai pas d'erreur dans la console.
Bien cordialement