我有以下配置:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig {
private static final Logger LOGGER = LoggerFactory.getLogger(SecurityConfig.class);
@Resource
private UserDetailsService userDetailsService;
@Resource
private PasswordEncoder passwordEncoder;
.....
@Configuration
@Order(2)
public static class MobileApiSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Resource
private UserDetailsService userDetailsService;
@Resource
private PasswordEncoder passwordEncoder;
@Autowired
private CustomBasicAuthenticationFilter customBasicAuthenticationFilter;
@Autowired
private TokenSecurityFilter tokenSecurityFilter;
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder);
}
protected void configure(HttpSecurity http) throws Exception {
http
.addFilter(customBasicAuthenticationFilter)
.addFilterBefore(tokenSecurityFilter, CustomBasicAuthenticationFilter.class)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.csrf().disable()
.authorizeRequests()
.antMatchers(Mappings.MOBILE_API + "/**").hasAnyRole(Globals.MOBILE_API_USER_ROLE)
.and()
.exceptionHandling()
.authenticationEntryPoint(new CustomBasicAuthenticationEntryPoint())
.and()
.requestCache()
.requestCache(new NullRequestCache());
}
}
这是我的自定义过滤器:
@Component
public class CustomBasicAuthenticationFilter extends BasicAuthenticationFilter {
private static final Logger LOGGER = LoggerFactory.getLogger(CustomBasicAuthenticationFilter.class);
@Autowired
private PrincipalRepository principalRepository;
@Autowired
private AuthenticationCache authenticationCache;
@Autowired
public CustomBasicAuthenticationFilter(AuthenticationManager authenticationManager) {
super(authenticationManager);
}
@Override
protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
Authentication authResult) throws IOException {
Principal principal = principalRepository.findOne(PrincipalPredicates.userNameEquals(authResult.getName()));
if (principal != null) {
principal.setLastLoginTime(DateTime.now());
principalRepository.save(principal);
} else {
LOGGER.error("Unable to retrieve user " + authResult.getName());
}
authenticationCache.add(authResult, request, response);
super.onSuccessfulAuthentication(request, response, authResult);
}
}
但是,在尝试部署到Tomcat时,会抛出以下异常:
Error creating bean with name 'customBasicAuthenticationFilter' defined in file [C:\work\...]: Unsatisfied dependency expressed through constructor argument with index 0 of type [org.springframework.security.authentication.AuthenticationManager]: : No qualifying bean of type [org.springframework.security.authentication.AuthenticationManager] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.authentication.AuthenticationManager] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}
我不知道为什么我的过滤器正在寻找一个authenticationManager,因为我正在自动装配它。感谢帮助。
更新问题:我添加了此代码以解决authenticationManager问题:
@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
通过添加上述内容,我可以解决authenticationManager问题,但现在我遇到了这个问题:
org.springframework.beans.factory.BeanCreationException:
Could not autowire field: private CustomBasicAuthenticationFilter SecurityConfig$MobileApiSecurityConfigurerAdapter.customBasicAuthenticationFilter;
nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException:
Error creating bean with name 'customBasicAuthenticationFilter':
Requested bean is currently in creation: Is there an unresolvable circular reference?
由于
答案 0 :(得分:0)
您可以尝试在@EnableWebSecurity
类定义的顶部添加MobileApiSecurityConfigurerAdapter
注释。
答案 1 :(得分:0)
我将@Lazy注释添加到过滤器中,我现在可以部署。
随意提供其他解决方案。