在Spring Security中从spring security xml配置迁移到Java Config.
在我的SecurityConfiguration类中,它扩展了WebSecurityConfigurerAdapter.但是,问题是安全过滤器没有使用userDetailsService,特别是UsernamePasswordAuthenticationFilter.我查看了启动,似乎在Spring引导创建默认的InMemoryUserDetailsManager之前没有创建.
@Configuration
@EnableWebMvcSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http)
throws Exception {
http.userDetailsService(userDetailsService);
}
}
我还尝试使用自定义注入的ApplicationUserDetailsService覆盖此类中的userDetailsServiceBean和userDetailsService.
@Bean(name="myUserDetailsBean")
@Override
public UserDetailsService userDetailsServiceBean() {
return userDetailsService;
}
@Override
public UserDetailsService userDetailsService() {
return userDetailsService;
}
但是,当我尝试覆盖authenticationManagerBean时,看起来它在spring boot配置初始化之前调用我的配置,但是在初始化UsernamePasswordAuthenticationFilter时会抛出一个错误(如下所示).我是否真的需要覆盖authenticationManagerBean,因为我需要定义UsernamePasswordAuthenticationFilter中的内容.
@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
..
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter]: Circular reference involving containing bean 'securityBeansConfiguration' - consider declaring the factory method as static for …