我想通过创建一个简单的登录屏幕在我的项目中使用 Spring Boot Security,但在运行 y 应用程序时出现这些错误
说明: com.panchmeru_studio.controller.UserController 中构造函数的参数 1 需要一个无法找到的“org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder”类型的 bean。
操作:考虑在您的配置中定义一个 org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder' 类型的 bean。 这是我的代码。
<块引用>用户控制器
package com.panchmeru_studio.controller;
import com.panchmeru_studio.entities.ApplicationUser;
import com.panchmeru_studio.repository.ApplicationUserRepository;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/users")
public class UserController {
private ApplicationUserRepository applicationUserRepository;
private BCryptPasswordEncoder bCryptPasswordEncoder;
public UserController(ApplicationUserRepository applicationUserRepository,
BCryptPasswordEncoder bCryptPasswordEncoder) {
this.applicationUserRepository = applicationUserRepository;
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
}
@PostMapping("/record")
public void signUp(@RequestBody ApplicationUser applicationUser) {
applicationUser.setPassword(bCryptPasswordEncoder.encode(applicationUser.getPassword()));
applicationUserRepository.save(applicationUser);
}
}
<块引用>
SecurityConfiguration.java
package com.panchmeru_studio.security;
import com.panchmeru_studio.filter.AuthenticationFilter;
import com.panchmeru_studio.filter.AuthorizationFilter;
import com.panchmeru_studio.service.ApplicationUserDetailsService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import static com.panchmeru_studio.constants.SecurityConstants.SIGN_UP_URL;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private ApplicationUserDetailsService userDetailsService;
private BCryptPasswordEncoder bCryptPasswordEncoder;
public SecurityConfiguration(ApplicationUserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
this.userDetailsService = userDetailsService;
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable().authorizeRequests()
.antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new AuthenticationFilter(authenticationManager()))
.addFilter(new AuthorizationFilter(authenticationManager()))
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
@Bean
CorsConfigurationSource corsConfigurationSource() {
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
return source;
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
答案 0 :(得分:1)
错误提示,您没有任何带有密码编码器的 bean。
在你的配置类中添加那个 bean 并从 BCryptPasswordEncoder
的构造函数中删除 SecurityConfiguration
:
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
答案 1 :(得分:1)
在您的安全配置类中,您不需要这一行:
private BCryptPasswordEncoder bCryptPasswordEncoder;
用这个替换它。下面的方法是将密码编码器 bean 提供给 spring 容器以增强安全性。
@Bean
public PasswordEncoder passwordEncoder()
{
return new BCryptPasswordEncoder();
}
在您的控制器中,现在您可以将其自动装配为:
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;