StackOverflowError我在使用时得到authenticationManger.authenticate()。我看到这里已经回答了问题:Why AuthenticationManager is throwing StackOverflowError? ,但我没有扩展 deprecated WebSecurityConfigurerAdapter,所以我的配置如下所示:
@Configuration
@EnableWebSecurity
public class SecurityConfig{
@Bean
public UserDetailsService userDetailsService() {
return new CustomUserDetailsService();
}
@Bean
@Order(1)
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.httpBasic().disable().csrf().disable().sessionManagement()
.and().authorizeRequests()
.antMatchers("/**").permitAll()
.anyRequest().authenticated().and().csrf().disable();
http
.logout()
.invalidateHttpSession(true)
.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK));
return http.build();
}
@Bean
@Order(0)
public SecurityFilterChain resources(HttpSecurity http) throws Exception {
http.requestMatchers((matchers) -> matchers.antMatchers("*.bundle.*"))
.authorizeHttpRequests((authorize) -> authorize.anyRequest().permitAll())
.requestCache().disable()
.securityContext().disable()
.sessionManagement().disable();
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
} …