春天循环依赖

时间:2014-11-20 21:09:42

标签: spring spring-security

我有以下配置:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityConfig.class);
    @Resource
    private UserDetailsService userDetailsService;
    @Resource
    private PasswordEncoder passwordEncoder;

    .....

    @Configuration
    @Order(2)
    public static class MobileApiSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
        @Resource
        private UserDetailsService userDetailsService;
        @Resource
        private PasswordEncoder passwordEncoder;
        @Autowired
        private CustomBasicAuthenticationFilter customBasicAuthenticationFilter;
        @Autowired
        private TokenSecurityFilter tokenSecurityFilter;

        protected void configure(AuthenticationManagerBuilder auth) throws Exception {

            auth
            .userDetailsService(userDetailsService)
            .passwordEncoder(passwordEncoder);

        }

        protected void configure(HttpSecurity http) throws Exception {
            http
                .addFilter(customBasicAuthenticationFilter)
                .addFilterBefore(tokenSecurityFilter, CustomBasicAuthenticationFilter.class)
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                    .csrf().disable()
                .authorizeRequests()           
                    .antMatchers(Mappings.MOBILE_API + "/**").hasAnyRole(Globals.MOBILE_API_USER_ROLE)
                    .and()
                .exceptionHandling()
                    .authenticationEntryPoint(new CustomBasicAuthenticationEntryPoint())
                    .and()
                .requestCache()
                    .requestCache(new NullRequestCache());
        }

    }

这是我的自定义过滤器:

@Component
public class CustomBasicAuthenticationFilter extends BasicAuthenticationFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(CustomBasicAuthenticationFilter.class);
    @Autowired
    private PrincipalRepository principalRepository;
    @Autowired
    private AuthenticationCache authenticationCache;

    @Autowired
    public CustomBasicAuthenticationFilter(AuthenticationManager authenticationManager) {
       super(authenticationManager);
    }

    @Override
    protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
            Authentication authResult) throws IOException {
        Principal principal = principalRepository.findOne(PrincipalPredicates.userNameEquals(authResult.getName()));

        if (principal != null) {
            principal.setLastLoginTime(DateTime.now());
            principalRepository.save(principal);
        } else {
            LOGGER.error("Unable to retrieve user " + authResult.getName());
        }

        authenticationCache.add(authResult, request, response);

        super.onSuccessfulAuthentication(request, response, authResult);
    }
}

但是,在尝试部署到Tomcat时,会抛出以下异常:

Error creating bean with name 'customBasicAuthenticationFilter' defined in file [C:\work\...]: Unsatisfied dependency expressed through constructor argument with index 0 of type [org.springframework.security.authentication.AuthenticationManager]: : No qualifying bean of type [org.springframework.security.authentication.AuthenticationManager] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.authentication.AuthenticationManager] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}

我不知道为什么我的过滤器正在寻找一个authenticationManager,因为我正在自动装配它。感谢帮助。

更新问题:我添加了此代码以解决authenticationManager问题

@Bean(name="myAuthenticationManager")
           @Override
           public AuthenticationManager authenticationManagerBean() throws Exception {
               return super.authenticationManagerBean();
           }

通过添加上述内容,我可以解决authenticationManager问题,但现在我遇到了这个问题:

    org.springframework.beans.factory.BeanCreationException:
 Could not autowire field: private CustomBasicAuthenticationFilter SecurityConfig$MobileApiSecurityConfigurerAdapter.customBasicAuthenticationFilter; 
nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: 
Error creating bean with name 'customBasicAuthenticationFilter':
 Requested bean is currently in creation: Is there an unresolvable circular reference?

由于

2 个答案:

答案 0 :(得分:0)

您可以尝试在@EnableWebSecurity类定义的顶部添加MobileApiSecurityConfigurerAdapter注释。

答案 1 :(得分:0)

我将@Lazy注释添加到过滤器中,我现在可以部署。

随意提供其他解决方案。