Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/350.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java SpringSecurity MemberServices不是通过注释注入的_Java_Spring_Spring Mvc_Dependency Injection_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java SpringSecurity MemberServices不是通过注释注入的

Java SpringSecurity MemberServices不是通过注释注入的

java spring spring-mvc dependency-injection spring-security

Java SpringSecurity MemberServices不是通过注释注入的,java,spring,spring-mvc,dependency-injection,spring-security,Java,Spring,Spring Mvc,Dependency Injection,Spring Security,我正在尝试将SpringSecurity配置为使用“记住我”身份验证 以下是我的Java配置: @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(securedEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserDetailsService userDetails

我正在尝试将SpringSecurity配置为使用“记住我”身份验证

以下是我的Java配置:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    UserDetailsService userDetailsService;
    @Autowired
    DatabasePersistentTokeRepositoryImpl databasePersistentTokeRepositoryImpl;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {      
        http
        .authenticationProvider(rememberMeAuthenticationProvider())
        .rememberMe().tokenRepository(databasePersistentTokeRepositoryImpl).tokenValiditySeconds((int) TimeUnit.SECONDS.convert(7, TimeUnit.DAYS))
        .and()
            .csrf().disable();
    }

    @Bean()
    public AuthenticationProvider rememberMeAuthenticationProvider() {
        return new RememberMeAuthenticationProvider("KEY");
    }

    @Bean()
    public TokenBasedRememberMeServices rememberMeServices() {
        TokenBasedRememberMeServices rememberMeServices = new TokenBasedRememberMeServices("KEY", userDetailsService);
        rememberMeServices.setAlwaysRemember(true);
        return rememberMeServices;
    }
}
我看到MemberMechanfiguler中没有注入MemberMeServices。这会导致创建RememberAuthenticationFilter,它引用了错误的RememberServices

Spring安全文档中有一节使用XML描述这个过程。

我的注入有什么问题?如果没有XML,有可能这样做吗?

您没有注入它。
记忆配置器
没有自动连线功能。还有,为什么要配置这么多bean

已为您创建了
rememberAuthenticationProvider
,如果要使用其他键,请使用
key(“key”)
指定它。这将依次用于创建
RememberMeServices

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    UserDetailsService userDetailsService;
    @Autowired
    DatabasePersistentTokeRepositoryImpl databasePersistentTokeRepositoryImpl;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {      
        http
        .rememberMe()
            .key("KEY")
            .tokenRepository(databasePersistentTokeRepositoryImpl)
                .tokenValiditySeconds((int) TimeUnit.SECONDS.convert(7, TimeUnit.DAYS))
        .and()
            .csrf().disable();
    }
}
如果确实需要将
alwaysRemember
属性设置为true,则可以使用
ObjectPostProcessor
对过滤器进行后处理,并从中配置
RememberServices

您还可能注入了错误类型的
RememberMeServices
,因为配置的类型没有使用
PersistentTokeRepository

,只是为了提供一个代码示例,说明@m-denum建议的
ObjectPostProcessor
总是将remember设置为true,如下所示:

@Override
protected void configure(HttpSecurity http) throws Exception {      
    http
    .rememberMe()
        .key("KEY")
        .tokenRepository(databasePersistentTokeRepositoryImpl)
        .tokenValiditySeconds((int) TimeUnit.SECONDS.convert(7, TimeUnit.DAYS))
        .withObjectPostProcessor( new ObjectPostProcessor<RememberMeAuthenticationFilter>() {

            @Override
            public <O extends RememberMeAuthenticationFilter> O postProcess( O object) {

                RememberMeAuthenticationFilter rmaf = (RememberMeAuthenticationFilter)
                PersistentTokenBasedRememberMeServices rms = (PersistentTokenBasedRememberMeServices)rmaf.getRememberMeServices();
                rms.setAlwaysRemember( true );

                return object;
            }                           
        })
    .and()
        .csrf().disable();
}

@覆盖
受保护的无效配置(HttpSecurity http)引发异常{
http
.rememberMe()
.key(“key”)
.tokenRepository(数据库PersistentTokeRepositoryImpl)
.tokenValiditySeconds((int)TimeUnit.SECONDS.convert(7,TimeUnit.DAYS))
.withObjectPostProcessor(新的ObjectPostProcessor(){
@凌驾
公共O后处理(O对象){
rememberAuthenticationFilter rmaf=(rememberAuthenticationFilter)
PersistentTokenBasedMemberMeservices rms=(PersistentTokenBasedMemberMeservices)rmaf.GetMemberMeservices();
rms.setAlwaysRemember(真);
返回对象;
}                           
})
.及()
.csrf().disable();
}