java - 属性 'passwordEncoder' 在 spring security 中抛出异常-6ren

java - 属性 'passwordEncoder' 在 spring security 中抛出异常

转载作者：行者123 更新时间：2023-11-30 08:24:14

在我的网络应用程序上部署时出现此错误

    Context initialization failed
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name
    'org.springframework.security.filterChains': Cannot resolve reference to bean 
    'org.springframework.security.web.DefaultSecurityFilterChain#1' while setting bean property
    'sourceList' with key [1]; nested exception is 
     org.springframework.beans.factory.BeanCreationException: Error creating bean with name
    'org.springframework.security.web.DefaultSecurityFilterChain#1': Cannot resolve      reference to bean 
   'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0'
    while setting constructor argument with key [3]; nested exception is 
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name
    'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0': 
    Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting bean property
   'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name
    'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean
    'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is 
   org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': 
 FactoryBean threw exception on object creation; nested exception is 
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name
 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 
 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0' while
 setting constructor argument with key [0]; nested exception is 
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name
 'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0': Error 
  setting property values; nested exception is 
 org.springframework.beans.PropertyBatchUpdateException; nested PropertyAccessExceptions (1) are:

PropertyAccessException 1: org.springframework.beans.MethodInvocationException:
Property 'passwordEncoder' threw exception; nested exception is java.lang.NullPointerException

        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:326)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:107)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:350)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:154)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1417)

我的spring-security.xml有

<authentication-manager>
            <authentication-provider user-service-ref="customUserDetailsService">
                    <password-encoder ref="customEnocdePassword" >
                        <salt-source user-property="email"/>
                    </password-encoder>
            </authentication-provider>
    </authentication-manager>  


    <beans:bean id="customEnocdePassword" class="com.mycom.myproject.service.impl.service.impl.CustomEnocdePassword" />
    <beans:bean id="exceptionMapper" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler" >

我的 CustomEnocdePassword.java 是

public class CustomEnocdePassword implements PasswordEncoder {

    @Resource(name="userService")
    private UserService userService;

    @Override
    public String encodePassword(String password, Object username)
            throws DataAccessException {
        if (StringUtils.isBlank(password)) {
            throw new IllegalArgumentException("Password cannot be empty");
        }

        if(username.equals(null)){
            throw new IllegalArgumentException("Username cannot be null");
        }

        String saltPassword = getSaltPassword(username);


        String enteredPassword = getEnteredPassword(password, saltPassword);
        return enteredPassword;
    }


    @Override
    public boolean isPasswordValid(String encPassword, String password, Object username)
            throws DataAccessException {
        if (StringUtils.isBlank(password)) {
            return false;
        }

        String saltPassword = null;
        String databasePassword = null;

        try {
            User domainUser = userService.getUserByName(username.toString());
             saltPassword = domainUser.getPasswordSalt();
             databasePassword = domainUser.getCryptedPassword();
        } catch (LoginException e1) {
            e1.printStackTrace();
        }


        String enteredPassword = getEnteredPassword(password, saltPassword);


         return StringUtils.equals(databasePassword, enteredPassword);
        //return StringUtils.equals(databasePassword, password);
    }

    /**
     * @param password
     * @param saltPassword
     * @return
     */
    public static String getEnteredPassword(String password, String saltPassword) {
        String enteredPassword = null;

            try {
                enteredPassword = CryptoUtils.encrypt(password + saltPassword);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            } catch (NoSuchProviderException e) {
                e.printStackTrace();
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
            }
        return enteredPassword;
    }

    /**
     * @param username
     * @return
     */
    private String getSaltPassword(Object username) {
        String saltPassword = null;
        try {
            User domainUser = userService.getUserByName(username.toString());
             saltPassword = domainUser.getPasswordSalt();
        } catch (LoginException e1) {
            e1.printStackTrace();
        }
        return saltPassword;
    }

}

customUserDetailsService.java 是

@Service
@Transactional(readOnly = true)
public class CustomUserDetailsService extends CommonService implements UserDetailsService {

    static final Logger logger = Logger.getLogger(CustomUserDetailsService.class);

    @Resource(name="userService")
    private UserService userService;

    @Override
    public UserDetails loadUserByUsername(String email)
            throws UsernameNotFoundException, DataAccessException {
        UserDetailedBean domainUser = null;


            try {




                domainUser = userService.getUserByName(email);      

                //userService.getUserDetailFromSpringSecurity();




                domainUser.isEnabled();
                domainUser.isAccountNonExpired();
                domainUser.isCredentialsNonExpired();
                domainUser.isAccountNonLocked();


        //Collection<? extends GrantedAuthority> roles =  getAuthorities((long) domainUser.getRoleId());



        } catch (AccountStatusException e) {
            logger.error("Invalid Login. "+email,e);
            throw new RuntimeException(e);
        } catch (TrialPeriodException e) {
            e.printStackTrace();
        }  catch (LoginException e) {
            throw new UsernameNotFoundException("Username not found. Please try again.");
        }

            return domainUser;
    }

    /**
     * Retrieves a collection of {@link GrantedAuthority} based on a numerical role
     * @param role the numerical role
     * @return a collection of {@link GrantedAuthority
     */
    public static final Collection<? extends GrantedAuthority> getAuthorities(Long role) {
        List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
        return authList;
    }


    /**
     * Converts a numerical role to an equivalent list of roles
     * @param role the numerical role
     * @return list of roles as as a list of {@link String}
     */
    public static List<String> getRoles(Long role) {
        List<String> roles = new ArrayList<String>();

        if (role.intValue() == 1) {
            roles.add("ROLE_USER");
            roles.add("ROLE_ADMIN");
            roles.add("ROLE_SJADMIN");          
        } else if (role.intValue() == 2) {
            roles.add("ROLE_USER");
            roles.add("ROLE_ADMIN");
        }else if (role.intValue() == 3) {
            roles.add("ROLE_USER");
            roles.add("ROLE_ADMIN");
        }else{
            roles.add("ROLE_USER");
        }

        return roles;
    }

    /**
     * Wraps {@link String} roles to {@link SimpleGrantedAuthority} objects
     * @param roles {@link String} of roles
     * @return list of granted authorities
     */
    public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }

}

我没有得到我所缺少的东西。

如果您需要更多信息，请告诉我。

--- 更新 26-09-2014--

我的 Pom.xml

http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 com.mycom project 1.0 pom myproject

<properties>
    <spring.version>3.0.7.RELEASE</spring.version>
</properties>

<dependencies>
    <!--Joda time -->
    <dependency>
        <groupId>joda-time</groupId>
        <artifactId>joda-time</artifactId>
        <version>2.1</version>
    </dependency>

    <dependency>
        <groupId>joda-time</groupId>
        <artifactId>joda-time-jsptags</artifactId>
        <version>1.1.1</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>3.1.1.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>3.1.1.RELEASE</version>
    </dependency>
    <!--spring -->

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>${spring.version}</version>
    </dependency>


    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc</artifactId>
        <version>${spring.version}</version>
    </dependency>

    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-core</artifactId>
        <version>${spring.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework.security</groupId>
                <artifactId>spring-security-web</artifactId>
            </exclusion>
            <exclusion>
                <groupId>org.springframework.security</groupId>
                <artifactId>spring-security-config</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-aspects</artifactId>
        <version>${spring.version}</version>
    </dependency>
    <dependency>
        <groupId>org.aspectj</groupId>
        <artifactId>aspectjrt</artifactId>
        <version>1.7.2</version>
    </dependency>
    <dependency>
        <groupId>org.aspectj</groupId>
        <artifactId>aspectjweaver</artifactId>
        <version>1.7.2</version>
    </dependency>


    <!-- <dependency> <groupId>org.springframework</groupId> <artifactId>spring-test</artifactId> 
        <version>${spring.version}</version> <scope>test</scope> </dependency> -->

    <!-- <dependency> <groupId>org.springframework</groupId> <artifactId>spring-support</artifactId> 
        <version>2.0.8</version> </dependency> -->
</dependencies>
<build>
    <plugins>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-compiler-plugin</artifactId>
            <version>2.3.2</version>
            <configuration>
                <source>1.7</source>
                <target>1.7</target>
            </configuration>
        </plugin>
    </plugins>
</build>
<modules>       
    <module>core</module>
    <module>imageutils</module>
    <!-- <module>highriseapi</module> -->
</modules>

--- 更新 29-09-2014---

Spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
  <beans:beans xmlns="http://www.springframework.org/schema/security"
 xmlns:beans="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
 xmlns:p="http://www.springframework.org/schema/p" 
 xmlns:util="http://www.springframework.org/schema/util"
 xsi:schemaLocation="http://www.springframework.org/schema/beans 
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security.xsd
    http://www.springframework.org/schema/util 
    http://www.springframework.org/schema/util/spring-util.xsd">

<http pattern="/resources" security="none" />



<http auto-config="true"  use-expressions="true">
    <intercept-url pattern="/login.htm" access="permitAll"/>
    <intercept-url pattern="/logout.htm" access="permitAll"/>
    <intercept-url pattern="/forgotPasswordForm" access="permitAll"/>
    <intercept-url pattern="/registrationForm" access="permitAll"/>     
    <intercept-url pattern="/home.htm" access="hasRole('ROLE_USER')"/>




    <form-login login-page="/login.htm" 
                authentication-failure-url="/loginfailed"
                default-target-url="/index.htm" 
                always-use-default-target="false"
                />

    <access-denied-handler error-page="/logout.htm"/>

    <logout invalidate-session="true" 
        logout-url="/logout.htm"
        success-handler-ref="userController"/>
        <remember-me data-source-ref="datasource" />
    <!--<remember-me user-service-ref="customUserDetailsService" key="89dqj219dn910lsAc12" use-   secure-cookie="true"  token-validity-seconds="466560000"/>-->
 <session-management session-authentication-strategy-ref="sas"/>
</http>





  <authentication-manager>
        <authentication-provider user-service-ref="customUserDetailsService">
                <password-encoder ref="customEnocdePassword" >
                    <salt-source user-property="email"/>
                </password-encoder>
        </authentication-provider>
</authentication-manager>  

 <!-- <beans:bean id="expirationChecker" class="com....service.impl.utility.UserTrialPeriodExpirationChecker" />  -->
<beans:bean id="customEnocdePassword" class="com....service.impl.service.impl.CustomEnocdePassword" />
<beans:bean id="exceptionMapper" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler" >
<beans:property name="exceptionMappings">
    <beans:map>
        <beans:entry key="com....exception.TrialPeriodExpiredException" value="/pricing"/>
        <beans:entry key="com....service.impl.exception.LoginException" value="/login?message=Invalid login"/>
    </beans:map>
</beans:property>
</beans:bean>

<beans:bean id="sas"
    class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
<beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" />
<beans:property name="maximumSessions" value="3" />

最佳答案

我认为 CustomEnocdePassword 中的以下代码导致了您的问题:

if(username.equals(null)){
  throw new IllegalArgumentException("Username cannot be null");
}

替换为

if(username==null)){
  throw new IllegalArgumentException("Username cannot be null");
}

根据堆栈跟踪，spring 在设置 DaoAuthenticationProvider bean 的 passwordEncoder 属性时遇到 NPE。如果你看一下 setter方法，您会看到它调用 passwordEncoder.encodePassword(USER_NOT_FOUND_PASSWORD, null);，这会在您当前的代码中产生一个空指针。

另请注意，org.springframework.security.authentication.encoding.PasswordEncoder 现已弃用。

关于java - 属性 'passwordEncoder' 在 spring security 中抛出异常，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/23091410/

文章推荐： math - 如何向量化方程？

文章推荐： java - 删除属于同一组的数组元素，只留下组中的 1 个？

文章推荐： java - 从命令行运行 Junit 测试

Spring 启动 : How to specify the PasswordEncoder?
目前我得到了主课: package com.recweb.springboot; import org.springframework.boot.SpringApplication; import o
java - Spring Security，PasswordEncoder 的问题
我的密码编码器有问题，我的代码: @Service public class UserService { private static final String DEFAULT_ROLE =
java - 如何在 Spring 中使用注释定义 PasswordEncoder？
我正在使用 Spring-Boot v1.3.0.M2。我正在尝试使用注释定义一个 o.s.s.c.p.PasswordEncoder 。我的配置类如下所示。这个例子运行良好。 @Configurat
java - 实现 Bcrypt PasswordEncoder 后无法使用身份验证
实现 Bcrypt 密码编码器后，我无法进行身份验证(凭据无效)。这是我要添加的用户: userRepository.save(new User("First", "Last", "user", "u
spring boot报错：There is no PasswordEncoder mapped for the id “null“
spring boot报错：There is no PasswordEncoder mapped for the id "null" 原因：新版spring boot需要在自定义的WebSecurit
Spring Boot PasswordEncoder.matches 始终为 false
我目前正在我的大学从事 Spring Boot/Angular 项目。我正在为 BCryptPasswordEncoder 的匹配函数苦苦挣扎，它总是返回 false。用户.java @Entity
spring-security - Spring LDAP PasswordEncoder 已弃用的替代方案
我正在尝试学习 spring 并创建一个网站，其中身份验证将通过登录页面关闭，角度传递给 spring，需要使用 ldap 进行身份验证。我想我会从 Spring 站点开始并浏览那里的指南，但它似乎使
java - 没有为具有数据库身份验证的 id "null"映射的 PasswordEncoder
我成功地建立了内存认证。但是当我要使用数据库构建它时，会出现这个错误。 There is no PasswordEncoder mapped for the id "null" 这是后续教程 - Sp
java - 将 Spring-Security PasswordEncoder 与默认身份验证提供程序一起使用？
我正在使用 Spring 4.0.8 RELEASE 和 Spring-Security 3.2.5 RELEASE 我正在使用只有注册用户才能访问的 HTTP 摘要构建 REST Web 服务。我
java - 如何使用 Spring Security 的新 PasswordEncoder
从 Spring Security 3.1.4.RELEASE 开始，旧的 org.springframework.security.authentication.encoding.PasswordE
jakarta-ee - Spring-Security PasswordEncoder 返回 null
我已经在我的 struts2 应用程序上实现了 Spring security，它运行良好，但它在第 3 行遇到错误 java.lang.NullPointerException。虽然看起来 pas
jakarta-ee - Spring-Security PasswordEncoder 返回 null
我已经在我的 struts2 应用程序上实现了 Spring security，它运行良好，但它在第 3 行遇到错误 java.lang.NullPointerException。虽然看起来 pas
java - 属性 'passwordEncoder' 在 spring security 中抛出异常
在我的网络应用程序上部署时出现此错误 Context initialization failed org.springframework.beans.factory.BeanCreat
java - Spring 安全5 : There is no PasswordEncoder mapped for the id "null"
我正在从 Spring Boot 1.4.9 迁移到 Spring Boot 2.0 以及 Spring Security 5，并且我尝试通过 OAuth 2 进行身份验证。但我收到此错误: java
spring-security - Spring 安全 : decode a password encoded with PasswordEncoder
我已经存储(并编码)了一个电子邮件密码。我使用过 PasswordEncoder(Spring 安全)。 passwordEncoder.encode(password); 现在我需要对其进行解码以便
unit-testing - 如何在 Grails 单元测试中使用 Spock 模拟 passwordEncoder
我可以使用一些建议来模拟 Grails 单元测试中使用的自动连接依赖项。我已经省略了大部分不必要的代码，只给出了测试类和被测文件类中的相关方法 class UserService { def
java - Spring 安全 5 : There is no PasswordEncoder mapped for the id "null"
我正在从 Spring Boot 1.4.9 迁移到 Spring Boot 2.0 以及 Spring Security 5，我正在尝试通过 OAuth 2 进行身份验证。但是我收到了这个错误: j
spring-boot - Spring 5 安全 : 'There is no passwordencoder mapped for the id null'
我正在尝试运行一个基本的安全应用程序，当我在 Postman 中输入凭据时，我没有收到预期的 token 。我正在学习基本教程并正确执行了所有步骤，但我得到 401“未授权”状态。我试过使用 Bcry
spring - 在 Spring Security OAuth 中，您如何将 passwordEncoder 用于客户端 secret ？
使用 Spring Security Oauth2 时，我正在尝试对存储在数据库中的客户端 secret 进行 BCrypt 加密。我可以看到 JdbcClientDetailsService有一个
java - 任务 ':compileGroovy'的执行失败。 org.springframework.security.authentication.encoding.PasswordEncoder
升级IDEA后启动项目时出现问题。当前错误如下: CONFIGURE SUCCESSFUL in 2s |Running application... > Task :compileJava NO-

行者123

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

java - 属性 'passwordEncoder' 在 spring security 中抛出异常