Spring启动，spring安全覆盖UserDetailsService-Java 学习之路

在Spring Security中从spring security xml配置迁移到Java Config .

在我的SecurityConfiguration类中，它扩展了WebSecurityConfigurerAdapter . 但是，问题是安全过滤器没有使用userDetailsService，特别是UsernamePasswordAuthenticationFilter . 我查看了启动，似乎在Spring引导创建默认的InMemoryUserDetailsManager之前没有创建 .

@Configuration
@EnableWebMvcSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http)
      throws Exception {

      http.userDetailsService(userDetailsService);

    }
}

我还尝试使用自定义注入的ApplicationUserDetailsService覆盖此类中的userDetailsServiceBean和userDetailsService .

@Bean(name="myUserDetailsBean")
@Override
public UserDetailsService userDetailsServiceBean() {
    return userDetailsService;
}

@Override
public UserDetailsService userDetailsService() {

    return userDetailsService;
}

但是，当我尝试覆盖authenticationManagerBean时，看起来它在spring boot配置初始化之前调用我的配置，但是在初始化UsernamePasswordAuthenticationFilter时会抛出一个错误（如下所示） . 我是否真的需要覆盖authenticationManagerBean，因为我需要定义UsernamePasswordAuthenticationFilter中的内容 .

@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter]: Circular reference involving containing bean 'securityBeansConfiguration' - consider declaring the factory method as static for independence from its containing instance. Factory method 'usernamePasswordAuthenticationFilter' threw exception; nested exception is java.lang.IllegalArgumentException: successHandler cannot be null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
... 70 common frames omitted

想法？

1 回答

您好有简单的方法来覆盖UserDetailsService

import com.dog.care.domain.User;
import com.dog.care.repository.UserRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import javax.inject.Inject;
import java.util.Optional;

@Component("userDetailsService")
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {

private final Logger log = LoggerFactory.getLogger(UserDetailsService.class);

@Inject
private UserRepository userRepository;

@Override
@Transactional
public UserDetails loadUserByUsername(final String login) {
    log.debug("Authenticating {}", login);
    String lowercaseLogin = login.toLowerCase();
    Optional<User> userFromDatabase =  userRepository.findOneByLogin(lowercaseLogin);
    return userFromDatabase.map(user -> {
        if (!user.getActivated()) {
            throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
        }
        return new CustomUserDetails(user);
    }).orElseThrow(() -> new UsernameNotFoundException("User " + lowercaseLogin + " was not found in the database"));
}
}

这很重要：@Component（“userDetailsService”）

谢谢Aleksandar

回复于 2024-04-20T07:40:17+08:00

Spring启动，spring安全覆盖UserDetailsService

1 回答

相关问题