我用自定义用户详细信息服务编写了一个Spring MVC应用程序。
@Service("userDetailsService")
public class CustomUserDetailsService implements UserDetailsService{
@Autowired
private UserAccountDao userAccountDao;
@Transactional(readOnly = true)
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
UserDetails user = null;
try {
UserAccount dbUser = (UserAccount) userAccountDao.getByUsername(username);
此时,userAccountDao为null,因此它在上面的行上抛出一个空指针异常,这意味着自动装配不会在此服务中注入此Dao。现在Dao本身已经自动装配......
@Repository("userAccountDao")
public class UserAccountDaoImpl extends UserDaoImpl implements UserAccountDao {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private SessionFactory sessionFactory;
@Override
public void addUserAccount(final UserAccount userAccount) {
userAccount.setPassword(passwordEncoder.encodePassword(userAccount.getPassword(), "salt"));
sessionFactory.getCurrentSession().save(userAccount);
}
}
@Repository("userDao")
public class UserDaoImpl implements UserDao {
@Autowired
private SessionFactory sessionFactory;
@Override
public User getByUsername(final String username) {
return (User) sessionFactory.getCurrentSession()
.createQuery("from User where username = :username")
.setParameter("username", username).uniqueResult();
}
现在,当我创建用户,从任何其他对象获取用户时,确实工作正常,只是没有正确注入的CustomUserDetailsService。它与其他能够使用@Autowired的服务位于同一个包com.securetest.app.service中。
我有3个context.xml文件 - 下面是我的web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml
/WEB-INF/spring/appServlet/security-context.xml</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml
/WEB-INF/spring/appServlet/persistence-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
这是我的security-context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<http use-expressions="true">
<intercept-url pattern="/exam" access="isAuthenticated()" />
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/**" access="denyAll" />
<form-login />
<logout invalidate-session="true" logout-success-url="/"
logout-url="/logout" />
</http>
<beans:bean id="CustomUserDetailsService"
class="com.securetest.app.service.CustomUserDetailsService" />
<beans:bean
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"
id="passwordEncoder" />
<authentication-manager>
<authentication-provider user-service-ref='CustomUserDetailsService'>
<password-encoder ref="passwordEncoder" />
</authentication-provider>
</authentication-manager>
</beans:beans>
最后只是为了确保我没有遗漏任何东西,我的servlet-context.xml - 正如你所看到的,这里我正在使用context-component-scan,它应该在com.securetest.app <中注入所有内容/ p>
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- DispatcherServlet Context: defines this servlet's request-processing
infrastructure -->
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<!-- Handles HTTP GET requests for /resources/** by efficiently serving
up static resources in the ${webappRoot}/resources directory -->
<resources mapping="/resources/**" location="/resources/" />
<context:component-scan base-package="com.securetest.app." />
<!-- Resolves views selected for rendering by @Controllers to .jsp resources
in the /WEB-INF/views directory -->
<beans:bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
</beans:bean>
<beans:bean
class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<beans:property name="mediaTypes">
<beans:map>
<beans:entry key="html" value="text/html" />
<beans:entry key="json" value="application/json" />
</beans:map>
</beans:property>
<beans:property name="defaultViews">
<beans:list>
<beans:bean
class="org.springframework.web.servlet.view.json.MappingJacksonJsonView">
<beans:property name="prefixJson" value="true" />
</beans:bean>
</beans:list>
</beans:property>
</beans:bean>
</beans:beans>
我应该提一下,我很确定这就像我已经错误地命令我的web.xml,反之亦然,因为几乎完全相同的代码适用于另一个项目,但我看不出两者之间的区别。
为什么我没有得到autowire故障而只是nullPointerException?
编辑:在下面添加了root-context.xml ..
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
</beans>
答案 0 :(得分:3)
您的web.xml正在创建两个Spring应用程序上下文。我们称它们为Security(在security-context.xml之后)和Servlet(在servlet-context.xml之后)。安全性由ContextLoaderListener侦听器创建,Servlet由DispatcherServlet servlet创建。安全性是Servlet的父级。这意味着Security中的bean只对Security中的其他bean可见,而Servlet中的bean可以看到Security和Servlet中的bean。
您在Security中定义了CustomUserDetailsService(CUDS)bean,在Servlet中定义了UserAccountDao和UserDao bean,因此CUDS bean无法看到它们。如果要将它们连接到CUDS,则需要在DAO bean的安全性中添加组件扫描。
我不确定NPE。
答案 1 :(得分:1)
我认为,您的安全上下文会在您的servlet-context之前加载,@Required包含您的DAO配置。安全加载时,DAO尚未扫描,因此无需注入!使用root-context.xml进行检查。
我为我的项目执行以下操作:
<context:component-scan use-default-filters="true"
base-package="com.trelta.accountmanagement, com.trelta.commons">
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Controller"/>
</context:component-scan>
中的
<context:component-scan use-default-filters="false"
base-package="com.trelta.accountmanagement, com.trelta.commons">
<context:include-filter type="annotation"
expression="org.springframework.stereotype.Controller" />
</context:component-scan>
在servlet-context中:
root-context.xml我把context-param&amp; servlet-context.xml中的security.xml和DispatcherServlet的{{1}}中的init-param。该方法还增加了模块性。它会将您的WebApplicationContext相关bean保存在一个文件中,然后将其传递到您的DispatcherServlet和其他ApplicationContext bean中的单独文件中。