스프링부트 시큐리티로 로그인을 만들다 생겼다
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
at org.springframework.security.crypto.password.DelegatingPasswordEncoder$UnmappedIdPasswordEncoder.matches(DelegatingPasswordEncoder.java:254) ~[spring-security-crypto-5.6.2.jar:5.6.2]
at org.springframework.security.crypto.password.DelegatingPasswordEncoder.matches(DelegatingPasswordEncoder.java:202) ~[spring-security-crypto-5.6.2.jar:5.6.2]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$LazyPasswordEncoder.matches(WebSecurityConfigurerAdapter.java:595) ~[spring-security-config-5.6.2.jar:5.6.2]
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProv
@Service
public class CustomUserDetailsService implements UserDetailsService {
private static final Logger logger = LoggerFactory.getLogger(CustomUserDetailsService.class);
private final UserRepository userRepository;
public CustomUserDetailsService(
@Autowired UserRepository userRepository) {
this.userRepository = userRepository;
final UserEntity testUserEntity = new UserEntity();
testUserEntity.setUsername("entity_user");
testUserEntity.setPassword("test1pass");
this.userRepository.save(testUserEntity);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final UserEntity userEntity = userRepository.findByUsername(username);
return new User(username, userEntity.getPassword(), new ArrayList<>());
}
}
비밀번호를 저장할때 암호화 과정이 필요하다!
passwordEncoder를 설정해야 한다
public interface PasswordEncoder를 사용
Spring Security에서 비밀번호를 안전하게 저장할 수 있도록 비밀번호의 단방향 암호화를 지원하는 인터페이스
회원가입시 평문으로 DB에 비밀번호를 저장하는 것은 권장하지 않는다. 따라서 PasswordEncoder를 통해서 안전하게 저장될 수 있도록 단방향 암호화를 지원한다.
@Service
public class CustomUserDetailsService implements UserDetailsService {
private static final Logger logger = LoggerFactory.getLogger(CustomUserDetailsService.class);
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder; //추가
public CustomUserDetailsService(
@Autowired UserRepository userRepository,
@Autowired PasswordEncoder passwordEncoder //추가
) {
this.userRepository = userRepository;
this.passwordEncoder = passwordEncoder;
final UserEntity testUserEntity = new UserEntity();
testUserEntity.setUsername("entity_user");
testUserEntity.setPassword(passwordEncoder.encode("test1pass")); //바꿈
this.userRepository.save(testUserEntity);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final UserEntity userEntity = userRepository.findByUsername(username);
return new User(username, userEntity.getPassword(), new ArrayList<>());
}
}