我正在尝试实现以下spring自动登录,但我的authenticationManager实例抛出以下异常并且没有自动装配 . 如何从Spring手动获取它的实例?我没有使用 spring 控制器,我正在使用JSF请求范围的bean . 当容器尝试自动装配authenticationManager时,我在运行时获得以下异常 . requestCache很好 . 我应该在UserDetailsService实现(userManager)上使用方法吗?我没有看到UserDetailsService公开的采用UsernamePasswordAuthenticationToken对象的适当方法 . 有任何想法吗?配置:
<http access-denied-page="/auth/denied.html">
<intercept-url
pattern="/**/*.xhtml"
access="ROLE_NONE_GETS_ACCESS" />
<intercept-url
pattern="/auth/**"
access="ROLE_ANONYMOUS,ROLE_USER" />
<intercept-url
pattern="/auth/*"
access="ROLE_ANONYMOUS" />
<intercept-url
pattern="/registered/*"
access="ROLE_USER" />
<intercept-url
pattern="/*"
access="ROLE_ANONYMOUS" />
<form-login
login-processing-url="/j_spring_security_check.html"
login-page="/auth/login.html"
default-target-url="/registered/home.html"
authentication-failure-url="/auth/login.html" />
<logout invalidate-session="true"
logout-success-url="/"
logout-url="/auth/logout.html"/>
<anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/>
<remember-me user-service-ref="userManager" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</http>
<!-- Configure the authentication provider -->
<authentication-manager alias="am">
<authentication-provider user-service-ref="userManager">
<password-encoder ref="passwordEncoder" />
</authentication-provider>
</authentication-manager>
Exception 注入自动连接的依赖项失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装配字段:protected org.springframework.security.authentication.AuthenticationManager com.dc.web.actions.SignUpDetail.authenticationManager;嵌套异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:没有定义类型为[org.springframework.security.authentication.AuthenticationManager]的唯一bean:期望的单个匹配bean但找到2:[org.springframework.security.authentication.ProviderManager #0,org.springframework.security.authenticationManager] javax.faces.webapp.FacesServlet.service(FacesServlet.java:325)
@Named
@Scope(“request”)公共类注册{
@Inject
RequestCache requestCache;
@Inject
protected AuthenticationManager authenticationManager;
public String login(){
authenticateUserAndSetSession(utilities.getLoggedInUser(), (HttpServletRequest) FacesUtils.getExternalContext().getRequest());
return "/home.html";
}
private void authenticateUserAndSetSession(Users user,
HttpServletRequest request)
{
UserDetails details = userManager.loadUserByUsername(user.getUsername());
UsernamePasswordAuthenticationToken usernameAndPassword =
new UsernamePasswordAuthenticationToken(
user.getUsername(), "pwd", details.getAuthorities());
// Authenticate, just to be sure
Authentication auth = authenticationManager.authenticate(usernameAndPassword);
// Place the new Authentication object in the security context.
SecurityContextHolder.getContext().setAuthentication(auth);
}
2 回答
这是因为Spring Security在内部声明了第二个
AuthenticationManager
,所以你有两个 . 您需要使用alias
选择其中一个:@ c12如果您使用基于角色的自定义授权,则 UserDetails 的内部 authorities 集合可能未填充到 UserManager 类的 loadUserByUsername 方法中;如果是这种情况,您将需要手动将特定角色与 authorities 集合相关联 . 查看下面的片段(理想情况下它应该是 loadUserByUsername 方法体的一部分);假设... a)MyUser是您自己的用户对象b)MyUserRole是您自己的角色对象c)userDetails是您将从loadUserByUsername方法返回的内容
希望这可以帮助!