Java Spring安全性:创建名为springsecurityfilterchain的bean时出错
我尝试将DB(MySQL)与Spring Security连接起来。我想使用一种标准的方法,使用SpringSecurity从DB检查用户名和权限。我创建了所有需要的表(用户、权限)。与DB的连接在没有Spring安全性的情况下工作 当我启动应用程序时,我得到服务器错误“创建名为springsecurityfilterchain的bean时出错” 我已经尝试更改为JDK8,从我的Spring安全配置中删除“extends-websecurityconfig-adapter”,但它不起作用 我需要更改或添加什么 弹簧配置:Java Spring安全性:创建名为springsecurityfilterchain的bean时出错,java,spring,spring-security,Java,Spring,Spring Security,我尝试将DB(MySQL)与Spring Security连接起来。我想使用一种标准的方法,使用SpringSecurity从DB检查用户名和权限。我创建了所有需要的表(用户、权限)。与DB的连接在没有Spring安全性的情况下工作 当我启动应用程序时,我得到服务器错误“创建名为springsecurityfilterchain的bean时出错” 我已经尝试更改为JDK8,从我的Spring安全配置中删除“extends-websecurityconfig-adapter”,但它不起作用 我需要
@Configuration
@ComponentScan("security")
@EnableWebMvc
public class SpringConfig implements WebMvcConfigurer {
@Bean
public DataSource dataSource(){
ComboPooledDataSource dataSource = new ComboPooledDataSource();
try {
dataSource.setDriverClass("com.mysql.cj.jdbc.Driver");
dataSource.setJdbcUrl(URL);
dataSource.setUser(USERNAME);
dataSource.setPassword(PASSWORD);
} catch (PropertyVetoException e) {
e.printStackTrace();
}
return dataSource;
}
Spring安全初始值设定项:
public class SecurityInitializer
extends AbstractSecurityWebApplicationInitializer {
}
Spring安全配置:
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
private final String[] ROLES = {"HR", "Manager", "Sales"};
private final DataSource dataSource;
@Autowired
public SecurityConfig(DataSource dataSource) {
this.dataSource = dataSource;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).withDefaultSchema();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").hasAnyRole(ROLES)
.antMatchers("/hr").hasAnyRole("HR")
.and().formLogin().permitAll();
}
}
Spring Dispatcher Servlet:
public class DispatcherServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return null;
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{SpringConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
公共类DispatcherServletInitializer扩展了AbstractAnnotationConfigDispatcherServletInitializer{
@凌驾
受保护类[]getRootConfigClasses(){
返回null;
}
@凌驾
受保护类[]getServletConfigClasses(){
返回新类[]{SpringConfig.Class};
}
@凌驾
受保护的字符串[]getServletMappings(){
返回新字符串[]{”/“};
}
这是我的spring安全类,它可以工作。您可以根据需要更改它
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private DataSource dataSource ;
private AuthenticationSuccessHandler authenticationSuccessHandler;
@Autowired
public SecurityConfig(AuthenticationSuccessHandler authenticationSuccessHandler) {
this.authenticationSuccessHandler = authenticationSuccessHandler;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
/*auth.inMemoryAuthentication().withUser("admin").password(bcpe.encode("1234")).roles("ADMIN","USER") ;
auth.inMemoryAuthentication().withUser("user").password(bcpe.encode("1234")).roles("USER") ;
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()) ;
*/
PasswordEncoder bcpe=passwordEncoder() ;
auth.jdbcAuthentication()
.dataSource(dataSource)
.usersByUsernameQuery("select username as principal , password as credentials , active from users where username=?")
.authoritiesByUsernameQuery("select username as principal, role as role from users where username=? ")
.rolePrefix("ROLE_")
.passwordEncoder(bcpe) ;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().loginPage("/login").successHandler(authenticationSuccessHandler) ;
http.authorizeRequests().antMatchers("/admin/*").hasAnyRole("ADMIN") ;
http.authorizeRequests().antMatchers("/user/*").hasAnyRole("CLIENT","ADMIN") ;
http.authorizeRequests().antMatchers("/client/*").hasRole("CLIENT") ;
http.exceptionHandling().accessDeniedPage("/403") ;
http.logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/login")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
始终包括Java错误的整个堆栈跟踪。