我有像这样的UserManager类 -
@Service
public class UserManager implements UserDetailsService {
@Autowired
UserRepositoryImpl userRepositoryImpl;
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
User user = userRepositoryImpl.findUserByEmail(email);
List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
authList.add(new SimpleGrantedAuthority(user.getRole().getName()));
UserDetails userDetails = new org.springframework.security.core.userdetails.User(email,user.getPassword(),true,true,true,true,authList);
return userDetails;
}
现在应用程序安全性是 -
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http use-expressions="true" auto-config="true">
<intercept-url pattern="/Home" access="permitAll" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/logout" access="permitAll" />
<intercept-url pattern="/Admin/**" access="hasRole('Admin')" />
<intercept-url pattern="/Teacher/**" access="hasRole('Teacher')" />
<intercept-url pattern="/Student/**" access="hasRole('Teacher')" />
<form-login login-page="/Login" authentication-failure-url="/Login?login_error=1" authentication-success-handler-ref="authenticationSuccessHandler" />
<logout logout-success-url="/Login" invalidate-session="true" delete-cookies="JSESSIONID" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userManager"/>
</authentication-manager>
</beans:beans>
在web.xml中,我添加了applicationSecurity.xml作为上下文参数 -
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
/WEB-INF/application-security.xml
</param-value>
</context-param>
问题是当我运行我的代码时抛出异常 引起:org.springframework.beans.factory.BeanCreationException:创建名为'org.springframework.security.authentication.dao.DaoAuthenticationProvider#0'的bean时出错:在设置bean属性'userDetailsService'时无法解析对bean'userManager'的引用;嵌套异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:没有定义名为'userManager'的bean
引起:org.springframework.beans.factory.NoSuchBeanDefinitionException:没有定义名为'userManager'的bean
如果我用控制器自动装配它,同样的userManager工作正常。由于UserManager类使用@Service注释进行注释,甚至我已经启用了在我的dispatcherServlet.xml中驱动的注释 -
<context:annotation-config/>
<context:component-scan base-package="org.opentutor.controllers"/>
<context:component-scan base-package="org.opentutor.configs"/>
<context:component-scan base-package="org.opentutor.managers"/>
<context:component-scan base-package="org.opentutor.repoimpls"/>
<mvc:annotation-driven />
它应该找到userManager bean,但它不会。在扫描java配置之前是否有类似其加载身份验证管理器的东西。请帮助解决此错误。
答案 0 :(得分:3)
Spring Web应用程序中上下文的生命周期如下:
ContextLoaderListener加载并合并contextConfigLocation的上下文(默认值或指定的上下文)DispatcherServlet使用ContextLoaderListener加载的合并上下文作为父加载来加载servlet上下文。 DispatcherServlet加载的上下文可以访问ContextLoaderListener加载的上下文,但不能反过来。所以,这一点
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userManager"/>
</authentication-manager>
/WEB-INF/application-security.xml中的无法访问
生成的bean<context:component-scan base-package="org.opentutor.managers"/>
dispatcherServlet.xml中的。
重新设计你的背景。您的servlet上下文应该只包含与servlet上下文相关的bean定义。 UserManager bean(及其相关的<component-scan>)与应用程序相关,而不是servlet,因此将其放在applicationContext.xml中。