我是spring-security的新手。我对 @Autowired 注释有疑问。
下面是我的spring-security.xml文件:
<http pattern="/login" security="none" />
<http pattern="/signup" security="none" />
<http pattern="/views/**" security="none" />
<http pattern="/createUser" security="none" />
<http pattern="/practice" security="none" />
<http use-expressions="true" authentication-manager-ref="authenticationManager">
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<form-login login-page="/login" default-target-url="/home"
authentication-failure-url="/login" username-parameter="username"
password-parameter="password" login-processing-url="/j_spring_security_check" />
<logout logout-success-url="/login" invalidate-session="true"
logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
<session-management invalid-session-url="/login">
<concurrency-control max-sessions="1"
expired-url="/login" />
</session-management>
</http>
<authentication-manager id="authenticationManager">
<authentication-provider user-service-ref="userDetailsService" />
</authentication-manager>
<beans:bean id="userDetailsService" class="com.practice.service.UserDetailsServiceImpl" />
<beans:bean name="
passwordEncoder "
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
这是我的spring-servlet.xml配置:
<context:annotation-config/>
<context:component-scan base-package="com.practice" />
<mvc:resources mapping="/views/**" location="/views/" />
<mvc:annotation-driven />
<bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations"
value="classpath:com/practice/resources/database.properties"></property>
</bean>
<bean id="viewResolver"
class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="prefix" value="/WEB-INF/jsp/" />
<property name="suffix" value=".jsp" />
</bean>
<bean id="dataSource" destroy-method="close"
class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="${database.driver}" />
<property name="url" value="${database.url}" />
<property name="username" value="${database.username}" />
<property name="password" value="${database.password}" />
</bean>
<bean id="sessionFactory"
class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="configLocation">
<value>classpath:com/practice/resources/hibernate.cfg.xml</value>
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">${hibernate.dialect}</prop>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
</props>
</property>
</bean>
<tx:annotation-driven />
<bean id="transactionManager"
class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<property name="sessionFactory" ref="sessionFactory" />
</bean>
我会请求注册页面,并在填写必要的详细信息后,它会命中我的控制器,我将用户保存在数据库中,然后我在请求中对用户进行身份验证,而不是我存储在数据库中的用户。我按照stackoverflow post进行了指导。
奇怪的是在类中没有发生自动装配,我实现了UserDetailsService接口:
@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
PasswordEncoder passwordEncoder;
@Autowired
UserService userService;
@Override
public UserDetails loadUserByUsername(String arg0)
throws UsernameNotFoundException {
System.out.println("ddfddd");
return null;
}}
自动装配正在其他服务类中进行,我自动装配了与上述相同的字段!!
当我登录时发生同样的事情,当我调试时,字段为空!以及我编写CustomAuthenticationProvider的类!
有什么建议吗?如果我的配置有任何错误,请更正我。
更新
我收到以下错误,
由以下原因引起:org.springframework.beans.factory.NoSuchBeanDefinitionException:找不到类型[com.practice.service.UserService]的限定bean用于依赖:预期至少有1个bean符合此依赖关系的autowire候选者。依赖注释:{@ org.springframework.beans.factory.annotation.Autowired(required = true)}
当我删除 @Service 注释时,当我添加上下文:annotation-config
答案 0 :(得分:0)
如果已经定义了一个带有@Component注释的UserService bean,该注释由spring-servlet.xml中的组件扫描获取,则问题可能是spring-servlet.xml是spring的子应用程序上下文-security.xml。在这种情况下,来自安全上下文的bean无法从子上下文访问任何bean,只能反过来。因此,您必须确保可以从spring-security.xml上下文访问所有必需的bean(例如,通过显式指定所有bean或通过移动spring-security.xml上下文中的annotation-config和component-scan元素)。