在我的Spring启动应用程序中,我有以下两个类:
@EnableWebSecurity
public class AppSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationFilter jwtAuthenticationFilter;
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// TODO re-enable csrf after dev is done
.csrf()
.disable()
// we must specify ordering for our custom filter, otherwise it
// doesn't work
.addFilterAfter(jwtAuthenticationFilter,
UsernamePasswordAuthenticationFilter.class)
// we don't need Session, as we are using jwt instead. Sessions
// are harder to scale and manage
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
和:
@Component
public class JwtAuthenticationFilter extends
AbstractAuthenticationProcessingFilter {
/*
* we must set authentication manager for our custom filter, otherwise it
* errors out
*/
@Override
@Autowired
public void setAuthenticationManager(
AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}
}
JwtAuthenticationFilter依赖于AuthenticationManager由bean setAuthenticationManager的方法,但这个bean被创建在AppSecurityConfig已JwtAuthenticationFilter在自动装配.这整个事情会创建一个循环依赖.我该如何解决这个问题?
我按照此处的建议修复了此问题: 无法通过@Autowired将AuthenticationManager传递给自定义过滤器
我从中删除@Component了JwtAuthenticationFilter而不是自动装配JwtAuthenticationFilter到WebSecurityConfig类,我在那里定义了bean:
@Bean
public JwtAuthenticationFilter JwtAuthenticationFilter() {
return new JwtAuthenticationFilter();
}
| 归档时间: |
|
| 查看次数: |
198 次 |
| 最近记录: |