Disabled Users can still log in using Spring Security & Spring Boot

I'm using Spring Boot & Spring Security, everything is fine except that any user can login even if he's disabled, I disabled all the users in the database ( all the activated fields set at 0 )

User entity is as follow :

@Entity @Table(name = "users") public class User implements Serializable {      @Id     private String username;     private String password;     private boolean activated;     @ManyToMany     @JoinTable(name = "USERS_ROLES")     private List<Role> roles;   //etc... } 

Role entity :

@Entity public class Role implements Serializable {      @Id     private String role;     private String description; //etc... } 

Configuration class :

@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(securedEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter {      @Autowired     public void globalConfig(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception {           auth.jdbcAuthentication()             .dataSource(dataSource)             .usersByUsernameQuery("select username,password, true from users where username=?")             .authoritiesByUsernameQuery("select users_username, roles_role from users_roles where users_username=?")             .rolePrefix("ROLE_");     }      @Override     protected void configure(HttpSecurity http) throws Exception {          http             //.csrf().disable()             .authorizeRequests()                 .antMatchers("/css/**","/js/**","/img/**").permitAll()                 .antMatchers("/admin/**").access("hasRole('ADMIN')")                 //.antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")                 .anyRequest()                     .authenticated()                         .and()             .formLogin()                 .loginPage("/login")                 .permitAll()                  .defaultSuccessUrl("/2g", true)                 .and().exceptionHandling().accessDeniedPage("/access_denied");                  ;      }  } 


Category: java Time: 2016-07-29 Views: 0

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C) avrocks.com, All Rights Reserved.

processed in 0.220 (s). 12 q(s)