自定义PermissionEvaluation bean导致循环引用和空指针异常

时间:2015-12-03 03:00:31

标签: java spring spring-security

我试图在Spring 4上设置Spring Security ACL,但我得到一个空指针异常。

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.acls.jdbc.LookupStrategy]: Circular reference involving containing bean 'webSecurityACL' - consider declaring the factory method as static for independence from its containing instance. Factory method 'lookupStrategy' threw exception; nested exception is java.lang.IllegalArgumentException: DataSource required
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)
... 95 common frames omitted
Caused by: java.lang.IllegalArgumentException: DataSource required
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.security.acls.jdbc.BasicLookupStrategy.<init>(BasicLookupStrategy.java:145)
at com.sample.application.WebSecurityACL.lookupStrategy(WebSecurityACL.java:59)

这是我的java配置文件:

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class WebSecurityACL extends GlobalMethodSecurityConfiguration {

@Autowired
public DataSource dataSource;

@Bean
EhCacheBasedAclCache aclCache() {
    EhCacheFactoryBean factoryBean = new EhCacheFactoryBean();
    EhCacheManagerFactoryBean cacheManager = new EhCacheManagerFactoryBean();

    factoryBean.setCacheName("aclCache");
    factoryBean.setCacheManager(cacheManager.getObject());
    factoryBean.afterPropertiesSet();

    return new EhCacheBasedAclCache(factoryBean.getObject(), permissionGrantingStrategy(), aclAuthorizationStrategy());
}

@Bean
AclAuthorizationStrategy aclAuthorizationStrategy() {
    return new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_ACL_ADMIN"));
}

@Bean
PermissionGrantingStrategy permissionGrantingStrategy(){
    return new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger());
}

@Bean
LookupStrategy lookupStrategy() {
    return new BasicLookupStrategy(dataSource, aclCache(), aclAuthorizationStrategy(), permissionGrantingStrategy());
}

@Bean
JdbcMutableAclService aclService() {
    JdbcMutableAclService service = new JdbcMutableAclService(dataSource, lookupStrategy(), aclCache());
    //service.setClassIdentityQuery("select currval(pg_get_serial_sequence('acl_class', 'id'))");
    //service.setSidIdentityQuery("select currval(pg_get_serial_sequence('acl_sid', 'id'))");
    return service;
}

@Bean
PermissionEvaluator permissionEvaluator(){
    return new AclPermissionEvaluator(aclService());
}

@Bean
AclPermissionCacheOptimizer aclPermissionCacheOptimizer(){
    return new AclPermissionCacheOptimizer(aclService());
}

@Override
protected MethodSecurityExpressionHandler createExpressionHandler(){
    DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();

    expressionHandler.setPermissionEvaluator(permissionEvaluator());
    expressionHandler.setPermissionCacheOptimizer(aclPermissionCacheOptimizer());

    return expressionHandler;
}
}

我将罪魁祸首指向了permissionEvaluator bean。如果我用null替换aclService()(只是为了测试):

PermissionEvaluator permissionEvaluator(){
    return new AclPermissionEvaluator(null);
}

然后我就可以运行该应用程序了。我无法弄清楚循环引用的位置。任何建议都会非常感激。

这是我的gradle文件:

version '1.0-SNAPSHOT'

apply plugin: 'spring-boot'


buildscript {
repositories {
    mavenCentral()
}
dependencies {
    classpath("org.springframework.boot:spring-boot-gradle-plugin:1.2.7.RELEASE")
}
}

dependencies {
compile 'org.codehaus.jackson:jackson-mapper-asl:1.9.13'
compile("org.springframework.boot:spring-boot-starter-thymeleaf")
compile("org.springframework.boot:spring-boot-starter-security")
compile("org.thymeleaf.extras:thymeleaf-extras-springsecurity3:2.1.2.RELEASE")
compile 'org.springframework.security:spring-security-acl:3.2.8.RELEASE'
compile 'net.sf.ehcache:ehcache:2.10.1'
runtime 'mysql:mysql-connector-java:5.1.36'
testCompile group: 'junit', name: 'junit', version: '4.12'
}

1 个答案:

答案 0 :(得分:0)

原因是没有注入数据源 -

  

引起:java.lang.IllegalArgumentException:需要DataSource   在org.springframework.util.Assert.notNull(Assert.java:112)   在org.springframework.security.acls.jdbc.BasicLookupStrategy。(BasicLookupStrategy.java:145)   在com.sample.application.WebSecurityACL.lookupStrategy(WebSecurityACL.java:59)

你能证实吗?你摆脱异常的原因是“AclPermissionEvaluator(null)”也在调用数据源,并给出一个未捕获的异常

相关问题
最新问题