为什么我不能将带有@Service的bean注入到spring-security.xml配置文件中声明的bean中?

时间:2015-08-21 08:33:05

标签: java spring spring-mvc spring-security autowired

我在Spring中很新,我在尝试将bean注入名为 CustomUserDetailsMapper 的类时遇到了一些问题(我认为它可能取决于范围问题)。

所以这是我的 CustomUserDetailsMapper 的代码,这个类扩展了 LdapUserDetailsMapper ,它在LDAP身份验证后自动调用,并由LDAP身份验证提供程序用来创建LDAP用户对象。 (但这并不重要,唯一重要的是它会被Spring自动调用)

package it.myCompany.miur.gestioneUtenze.security;

// IMPORT REMOVED FROM THE CODE SNIPPET

public class CustomUserDetailsMapper extends LdapUserDetailsMapper  {

    private static final Logger _logger = Logger.getLogger(CustomUserDetailsMapper.class.getName());

 @Autowired
    private ProgettoService progettoService;


    @Override
    public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String userName, Collection<? extends GrantedAuthority> authorities) {
        ...............................................
        ...............................................
        ...............................................
        USE progettoService VARIABLE
        ...............................................
        ...............................................
        ............................................... 
    }

}

正如您在上面的代码中看到的那样,我试图通过以下方式注入 ProgettoService (这是一种对我的数据库执行某些查询的服务)对象:

@Autowired
private ProgettoService progettoService;

问题在于,当执行 mapUserFromContext()方法时,此字段为 null ,我无法在此方法中使用它。

在我看来这很奇怪,因为我以类似的方式(构造函数注入)将这个bean注入到控制器类中,这样(构造函数注入):

package it.myCompany.miur;

@Controller
public class HomeController {

    @Autowired
    public HomeController(ProgettoService progettoService,ScuolaService scuolaService) {
        this.progettoService = progettoService;
        this.scuolaService=scuolaService;
    }

    ...........................................
    ...........................................
    ...........................................
}

在第二种情况下,它工作正常,我可以正确使用我的ProgettoService对象。

因此,我的应用程序的配置由这些XML文件完成:

1) web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>classpath:/META-INF/log4j.properties</param-value>
    </context-param>


    <!-- Processes application requests -->
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <!-- Creates the Spring Container shared by all Servlets and Filters -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
<!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/spring/spring-security.xml
            /WEB-INF/spring/root-context.xml
        </param-value>
    </context-param>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>   

</web-app>

如您所见,它定义了以下其他XML配置文件:

2) servlet-context.xml :对于MVC配置:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <!-- DispatcherServlet Context: defines this servlet's request-processing infrastructure -->

    <!-- Enables the Spring MVC @Controller programming model -->
    <annotation-driven />

    <!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
    <resources mapping="/resources/**" location="/resources/" />

    <!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
    <beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <beans:property name="prefix" value="/WEB-INF/views/" />
        <beans:property name="suffix" value=".jsp" />
    </beans:bean>

    <context:component-scan base-package="it.myCompany.miur" />

</beans:beans>

正如您在此文件中看到的那样定义了:

<annotation-driven />

启用Spring MVC @Controller编程模型,并指定要扫描的包(在那里搜索@Controller和派生注释):

<context:component-scan base-package="it.myCompany.miur" />

这种推理是否正确?

3) spring-security.xml :在哪里定义了安全配置:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
                        http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
                        http://www.springframework.org/schema/security 
                        http://www.springframework.org/schema/security/spring-security-4.0.xsd">

    <ldap-server id="ldapServer"
        url="${ldap.connection.url}"
        manager-dn="${ldap.connection.admin.user}"
        manager-password="${ldap.connection.admin.password}"/>

    <http auto-config="true"  use-expressions="true" authentication-manager-ref="authenticationManager">
        <intercept-url pattern="/" access="permitAll" />
    <!--<intercept-url pattern="/resetPassword" access="permitAll" />
        <intercept-url pattern="/nuovaPassword" access="permitAll" />
        <intercept-url pattern="resources/css/style.css" access="permitAll"/>
        <intercept-url pattern="resources/img/*" access="permitAll"/>-->
        <intercept-url pattern="/home" access="isAuthenticated()" /> 
        <logout logout-success-url="/" logout-url="/logout" />
        <form-login  login-page="/"  
                     authentication-failure-url="/?error=true"
                    default-target-url="/home"
                    username-parameter="username"
                    password-parameter="password"
                    login-processing-url="/j_spring_security_check"/>
        <csrf disabled="true"/>

    </http> 

    <!-- Authenticator -->
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator" id="ldapBindAuthenticator">
        <beans:constructor-arg ref="ldapServer"/>
        <beans:property name="userDnPatterns">
            <beans:list><beans:value>cn={0},ou=Users,dc=miur,dc=it</beans:value>
                <beans:value>ou=mailusers,o=mpi.it</beans:value>
            </beans:list>
        </beans:property>
    </beans:bean>

    <beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
        <beans:constructor-arg>
            <beans:list>
                <beans:ref bean="ldapAuthProvider" />
            </beans:list>
        </beans:constructor-arg>
    </beans:bean>

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <beans:constructor-arg ref="ldapBindAuthenticator"/>
        <beans:property name="userDetailsContextMapper" ref="customUserContextMapper"/>
    </beans:bean>

    <beans:bean id="customUserContextMapper" class="it.myCompany.miur.gestioneUtenze.security.CustomUserDetailsMapper"/>

</beans:beans>

正如您在此XML配置文件中所看到的那样,定义了我的 CustomUserDetailsMapper (我无法注入 ProgettoService bean的bean),通过:

<beans:bean id="customUserContextMapper" class="it.myCompany.miur.gestioneUtenze.security.CustomUserDetailsMapper"/>

3)最后我有 root-context.xml 配置文件:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:ldap="http://www.springframework.org/schema/ldap"
    xmlns:jpa="http://www.springframework.org/schema/data/jpa"
    xmlns:tx="http://www.springframework.org/schema/tx"
    xmlns:jee="http://www.springframework.org/schema/jee"
    xsi:schemaLocation="http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.1.xsd
        http://www.springframework.org/schema/data/repository http://www.springframework.org/schema/data/repository/spring-repository-1.7.xsd
        http://www.springframework.org/schema/ldap http://www.springframework.org/schema/ldap/spring-ldap-2.0.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
        http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd
        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd">
    <!-- Root Context: defines shared resources visible to all other web components -->

<!--<context:property-placeholder
    location="file:///${jboss.modules.dir}/system/layers/base/it/myCompany/gestioneUtenze/main/gestioneUtenze.properties classpath*:gestioneUtenze_local.properties" />-->
<context:property-placeholder
    location="classpath*:wifi.properties" />

 <jpa:repositories base-package="it.myCompany.miur.wifipnsd.repository"
    entity-manager-factory-ref="entityManagerFactory"
    transaction-manager-ref="transactionManager"/> 

<bean id="entityManagerFactory" name="wifipnsd"
    class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
    <property name="dataSource" ref="datasource" /> 
    <property name="persistenceUnitName" value="wifipnsdPU" />
    <property name="jpaVendorAdapter">
        <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" >             
            <property name="showSql" value="false" />
            <property name="generateDdl" value="false" />
            <property name="database" value="MYSQL"/>
            <property name="databasePlatform" value="org.hibernate.dialect.MySQLDialect" />
        </bean>
    </property>
</bean> 

<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
    <property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
<tx:annotation-driven transaction-manager="transactionManager" />
<!-- Data Source -->
<jee:jndi-lookup jndi-name="java:jboss/datasources/wifiDS"
    id="datasource" expected-type="javax.sql.DataSource" />


<bean id="messageSource"
    class="org.springframework.context.support.ResourceBundleMessageSource">
    <property name="basename" value="message" />
</bean>

在哪里配置了数据源和hibernate配置。

那么为什么,使用 @Autowired ,我可以将 ProgettoService 对象注入到 HomeController 控制器类中,但是我无法进入 ProgettoService 类?我错过了什么?如何解决此问题并将其注入ProgettoService类?

也许问题可能取决于在子上下文(servlet-context)中声明的bean可以看到在父上下文中声明的bean而不是反之?我不知道如何解决它。你能救我吗?

2 个答案:

答案 0 :(得分:1)

您必须将<context:component-scan ...>添加到root-context.xml 并将ProgettoService实施注释为@Service

春天需要<context:component.scan ../>才能知道在哪里寻找注释。需要@Service注释,Spring管理bean的生命周期,bean可以自动装配。

有关更多信息,请参阅@Service

的javadoc

答案 1 :(得分:1)

您需要了解的内容有两种不同的背景

ContextLoaderListener创建的根上下文,以及DispatcherServlet创建的子上下文

由于CustomUserDetailsMapper没有任何注释,例如:@Service,因此不会通过扫描servlet-context.xml组件中提及的内容来选择它。因此,不在调度程序servlet的子上下文中。但是在家庭控制器的情况下,您@Controller以及ProgettoService在组件扫描包路径中。

CustomUserDetailsMapper由于spring-security.xml中的bean定义而存在于根上下文中。这就是最初没有注入豆子的原因。

我建议从spring-security.xml中删除bean定义,并使用@Service或@Component注释CustomUserDetailsMapper类是否合适。这将在CustomUserDetailsMapper位于组件扫描路径中。

通过实施Jens的答案,您在两个上下文中基本上都复制了bean。