Bri*_*ley 6 spring-security spring-boot
在Spring Security中从spring security xml配置迁移到Java Config.
在我的SecurityConfiguration类中,它扩展了WebSecurityConfigurerAdapter.但是,问题是安全过滤器没有使用userDetailsService,特别是UsernamePasswordAuthenticationFilter.我查看了启动,似乎在Spring引导创建默认的InMemoryUserDetailsManager之前没有创建.
@Configuration
@EnableWebMvcSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http)
throws Exception {
http.userDetailsService(userDetailsService);
}
}
我还尝试使用自定义注入的ApplicationUserDetailsService覆盖此类中的userDetailsServiceBean和userDetailsService.
@Bean(name="myUserDetailsBean")
@Override
public UserDetailsService userDetailsServiceBean() {
return userDetailsService;
}
@Override
public UserDetailsService userDetailsService() {
return userDetailsService;
}
但是,当我尝试覆盖authenticationManagerBean时,看起来它在spring boot配置初始化之前调用我的配置,但是在初始化UsernamePasswordAuthenticationFilter时会抛出一个错误(如下所示).我是否真的需要覆盖authenticationManagerBean,因为我需要定义UsernamePasswordAuthenticationFilter中的内容.
@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
..
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter]: Circular reference involving containing bean 'securityBeansConfiguration' - consider declaring the factory method as static for independence from its containing instance. Factory method 'usernamePasswordAuthenticationFilter' threw exception; nested exception is java.lang.IllegalArgumentException: successHandler cannot be null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
... 70 common frames omitted
想法?
abo*_*cic -1
您好,有一个简单的方法来覆盖 UserDetailsService
import com.dog.care.domain.User;
import com.dog.care.repository.UserRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;
import javax.inject.Inject;
import java.util.Optional;
@Component("userDetailsService")
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {
private final Logger log = LoggerFactory.getLogger(UserDetailsService.class);
@Inject
private UserRepository userRepository;
@Override
@Transactional
public UserDetails loadUserByUsername(final String login) {
log.debug("Authenticating {}", login);
String lowercaseLogin = login.toLowerCase();
Optional<User> userFromDatabase = userRepository.findOneByLogin(lowercaseLogin);
return userFromDatabase.map(user -> {
if (!user.getActivated()) {
throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
}
return new CustomUserDetails(user);
}).orElseThrow(() -> new UsernameNotFoundException("User " + lowercaseLogin + " was not found in the database"));
}
}
这很重要:@Component(“userDetailsService”)
谢谢亚历山大
| 归档时间: |
|
| 查看次数: |
2509 次 |
| 最近记录: |