【发布时间】:2021-06-17 17:02:27
【问题描述】:
在我的测试应用程序中,我的安全配置类如下。
package myProject.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
@SuppressWarnings("deprecation")
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userService;
@Override
public void configure(HttpSecurity theHttp) throws Exception {
theHttp.authorizeRequests()
.antMatchers("/design", "/order")
.access("hasRole('ROLE_USER')")
.antMatchers("/", "/**")
.access("permitAll")
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/", true)
.and()
.logout()
.logoutSuccessUrl("/login")
.and()
.csrf()
.ignoringAntMatchers("/h2-console/**")
.and()
.headers()
.frameOptions()
.sameOrigin();
}
@Bean
public PasswordEncoder encoder() {
return new StandardPasswordEncoder("53cr3t");
}
@Override
public void configure(AuthenticationManagerBuilder theAuth) throws Exception {
theAuth.userDetailsService(userService)
.passwordEncoder(encoder());
}
}
我在那里定义了 encoder() 并将其注释为 @Bean。这意味着该方法会生成一个由 spring 容器管理的 bean。我再次需要通过构造函数访问编码器,如下所示。
package myProject.security;
import org.springframework.context.annotation.DependsOn;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import myProject.data.UserRepository;
@Controller
@RequestMapping("/register")
public class RegistrationController {
private final UserRepository userRepo;
private final PasswordEncoder passwordEncoder;
public RegistrationController(UserRepository theUserRepo, PasswordEncoder thePasswordEncoder) {
this.userRepo = theUserRepo;
this.passwordEncoder = thePasswordEncoder;
}
@GetMapping
public String registrationForm() {
return "userRegistry";
}
@PostMapping
public String processRegistration(RegistrationForm theUserRegistration) {
userRepo.save(theUserRegistration.tranformUser(passwordEncoder));
return "redirect:/loginPage";
}
}
用户存储库类
package myProject.data;
import org.springframework.data.repository.CrudRepository;
import myProject.User;
public interface UserRepository extends CrudRepository<User, Long> {
User findByUsername(String theUsername);
}
用户详情服务实现
package myProject.security;
import org.jvnet.hk2.annotations.Service;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import myProject.User;
import myProject.data.UserRepository;
@Service
public class UserRepositoryDetailsService implements UserDetailsService {
private final UserRepository userRepo;
@Autowired
public UserRepositoryUserDetailsService(UserRepository theUserRepository) {
this.userRepo = theUserRepository;
}
@Override
public UserDetails loadUserByUsername(String theUsername) throws UsernameNotFoundException {
User user = userRepo.findByUsername(theUsername);
if (user != null) {
return user;
}
throw new UsernameNotFoundException("User " + theUsername + " not found");
}
}
在上面的示例中,我使用密码编码器作为构造函数参数。问题是@Bean 方法在调用RegistrationController 的构造函数时没有执行。在将encoder() 添加到引导类后,我可以克服这个问题,但我认为这不是解决方案。
如何解决我的问题?
Error - Error creating bean with name 'registrationController' defined in file [C:\Users\TECH WORLD\IdeaProjects\Project\target\classes\myProject\security\RegistrationController.class]:
Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name
'securityConfig': Unsatisfied dependency expressed through field 'userService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with
name 'inMemoryUserDetailsManager' defined in class path resource [org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.class]: Bean instantiation
via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [
org.springframework.security.provisioning.InMemoryUserDetailsManager]: Factory method 'inMemoryUserDetailsManager' threw exception;
nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'passwordEncoder':
请求的 bean 当前正在创建中:是否存在无法解析的循环引用?
【问题讨论】:
-
您真的阅读过错误信息吗?请发布
inMemoryUserDetailsManager()的代码。 -
inMemoryUserDetailsManager() 不是我的课程。它在 org.springframework.security.provisioning
-
即使错误消息中有这么多,当我将 encode() 移动到引导程序类时,这解决了,这似乎不是一个正确的解决方案,这就是为什么我困惑
标签: java spring spring-boot spring-security javabeans