个人中心
gpt4 book ai didi

java - 无法通过 @Autowired 将 AuthenticationManager 传递给自定义过滤器

转载 作者:行者123 更新时间:2023-11-30 06:06:12 24 4
gpt4 key购买 nike

我正在尝试通过 @Autowired 注释将过滤器 JWTLoginFilter 传递给 WebSecurityConfig WebSecurityConfigurerAdapter 。当 JWTLoginFilter 尝试从 WebSecurityConfig 获取 AuthenticationManager 时,就会出现问题。

当我启动服务器时,出现此错误:

Description:

The dependencies of some of the beans in the application context form a cycle:

JWTLoginFilter defined in file [C:\Users\user\workspace\backend\target\classes\pl\dn\schoolsystem\service\jwt\JWTLoginFilter.class]

webSecurityConfig (field pl.dn.schoolsystem.service.jwt.JWTLoginFilter pl.dn.schoolsystem.config.WebSecurityConfig.jwtLoginFilter)

error image

我认为这是循环依赖注入(inject)。我被困在这个问题上,我不知道如何解决。

网络安全配置:

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private Environment env;

    @Autowired
    private UserSecurityService userSecurityService;

    @Autowired
    JWTLoginFilter jwtLoginFilter;

    private static final String Salt = "salt"; // should be protected better

    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(12, new SecureRandom(Salt.getBytes()));
    }

    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
       @Override
       public AuthenticationManager authenticationManagerBean() throws Exception {
           return super.authenticationManagerBean();
       }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().
        authorizeRequests().antMatchers("/").permitAll()
        .antMatchers(HttpMethod.POST, "/login").permitAll()
        .antMatchers("/admin/**").hasRole("ADMIN")
        .anyRequest().authenticated()

        .and()

        //.addFilterBefore(new JWTLoginFilter("/login", authenticationManager()), 
                //UsernamePasswordAuthenticationFilter.class)
        .addFilterBefore(jwtLoginFilter, 
                UsernamePasswordAuthenticationFilter.class)
        .addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);        
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userSecurityService).passwordEncoder(passwordEncoder());
    }

}

JWTLogin过滤器:

@Component
public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter{

    @Autowired
    UserService userService;

    @Autowired
    public JWTLoginFilter(@Value("/login") String url, AuthenticationManager authManager) {
        super(new AntPathRequestMatcher(url));
        setAuthenticationManager(authManager);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest req,
            HttpServletResponse res) throws AuthenticationException,
            IOException, ServletException {

        System.out.println("Jestem w JwtLogginFilter.attemptAuthentication -------------------------------------");

        AccountCredentials creds = new ObjectMapper()
            .readValue(req.getInputStream(), AccountCredentials.class);

        User user = userService.findByUsername(creds.getUsername());

        return getAuthenticationManager().authenticate(
                new UsernamePasswordAuthenticationToken(
                        creds.getUsername(),
                        creds.getPassword(),
                        user.getAuthorities()
                        )
        );
    }

    @Override
    protected void successfulAuthentication(HttpServletRequest request,
            HttpServletResponse response, FilterChain chain,
            Authentication authResult) throws IOException, ServletException {

        System.out.println("Jestem w JWTLogginFilter.successfulAuthentication -------------------------------------- ");

        System.out.println("authResult.getName(): " + authResult.getName());
        TokenAuthenticationService.addAuthentication(response, authResult.getName());

    }



}

我正在使用 Spring Boot 1.5.4。感谢您的建议

最佳答案

您的WebSecurityConfig显式请求将JWTLoginFilter注入(inject)其中,并且JWTLoginFilter请求将AuthenticationManager注入(inject)其中它的构造函数。 AuthenticationManagerWebSecurityConfig 提供,因此您具有循环依赖关系。

JWTLoginFilter 中删除 @Component 注解,并将过滤器定义为 WebSecurityConfig 中的 bean:

@Bean
public JWTLoginFilter jwtLoginFilter() {
    return new JWTLoginFilter("/login", authenticationManager());
}

您可能还需要在此方法中手动注入(inject)UserService(例如,通过构造函数)。

关于java - 无法通过 @Autowired 将 AuthenticationManager 传递给自定义过滤器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44736385/

24 4 0
文章推荐: java - RequestBody 未映射到对象
文章推荐: 用于显示两个给定值中较高版本的Java代码
文章推荐: java - 在 Spring Boot 中使用 JSP 中的自定义标记文件
文章推荐: Java 8如何使用Stream检查一个数字是否除以多个数字
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com