-1

I been learning about spring boot lately, pretty much newbie. I go though some tutorial and been working for Spring Security for my project spring boot. And i watching this tutorial using remember-me https://www.youtube.com/watch?v=P_eL5QQmiV0 but seem like i stuck with this error

The error i find that i stuck the whole day but can't find the solution

java.lang.IllegalStateException: UserDetailsService is required.
    org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:470)
    org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices.processAutoLoginCookie(PersistentTokenBasedRememberMeServices.java:134)
    org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices.autoLogin(AbstractRememberMeServices.java:136)
    org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:105)
    org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)
    org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
    org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
    org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
    org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
    org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
    org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
    org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
    org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
    org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
    org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
    org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
    org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)

my config

@Override
    protected void configure(HttpSecurity http) throws Exception {
        
        http.authorizeRequests()
            .antMatchers("/admin").authenticated()
            .anyRequest().permitAll()
            .and()
            .formLogin()
                .loginPage("/dang-nhap")
                .usernameParameter("emailLogin")
                .passwordParameter("passwordLogin")
                .failureForwardUrl("/login_fail_handler")
                .successForwardUrl("/login_success_handler")
            .and()
            .rememberMe()
                .tokenRepository(persistentTokenRepository())
                .rememberMeCookieName("token-remember-me")
                .tokenValiditySeconds(24*60*60)
            .and()
            .logout()
                .logoutSuccessUrl("/").permitAll()

            ;
                
    }

The database did save the token but after re-run project it delete the token and show error UserDetailsService is required

I been looking all stackoverflow about this error but seem like all those method don't work for me...
Hope you guy have a nice day, and if you free believe help me...

Và Thi Thi
  • 1
  • 1

1 Answers1

0

To use Form Login (DaoAuthenticationProvider under the hood), you are required to provide or implement the UserDetailsService interface. It is quite easy to implement as it only has a single method. For exploring and learning, you can provide an InMemoryUserDetailsManager as an @Bean, like this:

    @Bean
    public UserDetailsService userDetailsService() {
        UserDetails user = User.withDefaultPasswordEncoder()
                .username("user")
                .password("password")
                .roles("USER")
                .build();
        UserDetails admin = User.withDefaultPasswordEncoder()
                .username("admin")
                .password("password")
                .roles("ADMIN", "USER")
                .build();
        return new InMemoryUserDetailsManager(user, admin);
    }

You can learn more about In-Memory Authentication in the reference docs. You can also obviously replace the above example with a completely custom class that implements the interface, or even return a Java lambda expression.

Also, take a look at the announcement of deprecating the WebSecurityConfigurerAdapter for examples of the latest suggestions for configuring Spring Security.

Steve Riesenberg
  • 4,271
  • 1
  • 4
  • 26