春季启动:在自定义UserDetailsS​​ervice中自动装配authenticationManager时,委托构建器不能为null

时间:2018-12-19 08:14:49

标签: java spring spring-boot spring-security spring-java-config

嗨,我是Spring Boot的新手,正在尝试为我的其余api实现安全性。

我正在使用Spring Boot 2.0.7.release

我已经按照以下步骤配置了WebSecurityConfig

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource(name = "userService")
    private UserDetailsService userDetailsService;

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
       return super.authenticationManagerBean();
    }

    @Autowired
    public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService)
            .passwordEncoder(encoder());
    }

    @Bean
    public JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception {
        return new JwtAuthenticationFilter();
    }
    @Bean
    public PasswordEncoder encoder(){
         PasswordEncoder encoder = new CustomPasswordEncoder(); 
         return encoder;
    }
    ....
   }

我已经添加了资源名称,以便可以将其指向自定义userDetailsS​​ervice。

我尝试通过配置来配置authenticationManager Bean,并通过Qualifier authenticationManager bean指向该bean,但错误仍然相同。

我的pom.xml看起来很安全

......
<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-security</artifactId>
</dependency>
......

我实现的UserServiceImpl是

@Service(value = "userService")
public class UserServiceImpl implements UserService, UserDetailsService {

    @Autowired
    private UserDAOService userDao;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         User user = userDao.findByUsername(username);
         if(user == null){
             throw new UsernameNotFoundException("Invalid username or password.");
          }
         return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), getAuthority());
    }

    @Override
    public String login(LoginUser user) {
           // valid user if it exits then do the following

            authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword()));

           //generate the token and do other process.
    }

以下是错误日志。我只提供了邮件错误

  Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'webSecurityConfig': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'userService': Unsatisfied dependency expressed through field 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager' defined in class path resource [com/saikrishna/security/config/WebSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.authentication.AuthenticationManager]: Circular reference involving containing bean 'webSecurityConfig' - consider declaring the factory method as static for independence from its containing instance. Factory method 'authenticationManagerBean' threw exception; nested exception is java.lang.IllegalArgumentException: delegateBuilder cannot be null
  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'userService': Unsatisfied dependency expressed through field 'authenticationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager' defined in class path resource [com/saikrishna/security/config/WebSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.authentication.AuthenticationManager]: Circular reference involving containing bean 'webSecurityConfig' - consider declaring the factory method as static for independence from its containing instance. Factory method 'authenticationManagerBean' threw exception; nested exception is java.lang.IllegalArgumentException: delegateBuilder cannot be null
  Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager' defined in class path resource [com/saikrishna/security/config/WebSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.authentication.AuthenticationManager]: Circular reference involving containing bean 'webSecurityConfig' - consider declaring the factory method as static for independence from its containing instance. Factory method 'authenticationManagerBean' threw exception; nested exception is java.lang.IllegalArgumentException: delegateBuilder cannot be null
  Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.authentication.AuthenticationManager]: Circular reference involving containing bean 'webSecurityConfig' - consider declaring the factory method as static for independence from its containing instance. Factory method 'authenticationManagerBean' threw exception; nested exception is java.lang.IllegalArgumentException: delegateBuilder cannot be null
  Caused by: java.lang.IllegalArgumentException: delegateBuilder cannot be null
  at org.springframework.util.Assert.notNull(Assert.java:193) ~[spring-core-5.0.11.RELEASE.jar:5.0.11.RELEASE]

1 个答案:

答案 0 :(得分:2)

为了更好地帮助您,最好指出实现JWT机制所遵循的参考。

从概念上讲,这部分源代码是错误的:

@Configuration
public class ServiceConfig{   
   @Bean
   protected UserDAOService daoService()
   {
      return new UserDAOServiceImpl();
   }
   @Bean
   protected UserDetailsService userDetailService( UserDAOService dao )
   {
      return new UserServiceImpl( dao );
   }
   @Bean
   public PasswordEncoder encoder(){
     PasswordEncoder encoder = new CustomPasswordEncoder(); 
     return encoder;
   }
   @Bean
   public JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception{                           {
    return new JwtAuthenticationFilter();
   }
}

看看下面的修改是否可以帮助您

1)考虑使用Java Config在单独的Configuration类中声明您的bean

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;


    @Override
    protected void configure( AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService( userDetailsService ).passwordEncoder( passwordEncoder );
    }

}

2)修改您的WebSecurityConfig

CREATE message = (PHRASE: "thankyou") //define message variable with value "thankyou"