Spring 为什么配置类自身会形成循环依赖关系？_Spring_Spring Boot_Configuration_Javabeans

Spring 为什么配置类自身会形成循环依赖关系？

spring spring-boot configuration

Spring 为什么配置类自身会形成循环依赖关系？,spring,spring-boot,configuration,javabeans,Spring,Spring Boot,Configuration,Javabeans,我不明白这个类的本质是什么，它自身产生了一个周期性的依赖注入。我尝试过添加@Lazy注释或从构造函数中删除@Autowired，但都没有用。可能房间里有一头大象我没看见这是控制台显示的内容： *************************** APPLICATION FAILED TO START *************************** Description: The dependencies of some of the beans in the applicat

我不明白这个类的本质是什么，它自身产生了一个周期性的依赖注入。我尝试过添加@Lazy注释或从构造函数中删除@Autowired，但都没有用。可能房间里有一头大象我没看见

这是控制台显示的内容：

***************************
APPLICATION FAILED TO START
***************************

Description:

The dependencies of some of the beans in the application context form a cycle:

┌─────┐
|  securityConfiguration defined in file [E:\Users\Adelin\eclipse-workspace2\AuthenticationSpringJWTAngular\target\classes\src\main\configuration\SecurityConfiguration.class]

这是配置类：

package src.main.configuration;

import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
import static src.main.constant.SecurityConstant.PUBLIC_URLS;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import src.main.filter.JWTAccessDeniedHandler;
import src.main.filter.JWTAuthenticationEntryPoint;
import src.main.filter.JWTAuthorizationFilter;
import src.main.service.IUserDetailsService;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private JWTAuthorizationFilter jwtAuthorizationFilter;
    private JWTAccessDeniedHandler jwtAccessDeniedHandler;
    private JWTAuthenticationEntryPoint jwtAuthenticationEntryPoint;
    private IUserDetailsService userDetailsService;
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    public SecurityConfiguration(JWTAuthorizationFilter jwtAuthorizationFilter,
            JWTAccessDeniedHandler jwtAccessDeniedHandler, JWTAuthenticationEntryPoint jwtAuthenticationEntryPoint,
            IUserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.jwtAuthorizationFilter = jwtAuthorizationFilter;
        this.jwtAccessDeniedHandler = jwtAccessDeniedHandler;
        this.jwtAuthenticationEntryPoint = jwtAuthenticationEntryPoint;
        this.userDetailsService = userDetailsService;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder amb) throws Exception {
        amb.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()//
                .cors().and() //
                // we're not using sessions, not keeping track of currently logging in users
                // users prove by using a token -> stateless
                .sessionManagement().sessionCreationPolicy(STATELESS).and() //
                .authorizeRequests().antMatchers(PUBLIC_URLS).permitAll() // no authentication
                                                                            // needed
                .anyRequest().authenticated().and() // anything else - reqs. authentication
                .exceptionHandling().accessDeniedHandler(jwtAccessDeniedHandler)
                .authenticationEntryPoint(jwtAuthenticationEntryPoint).and()
                .addFilterBefore(jwtAuthorizationFilter, UsernamePasswordAuthenticationFilter.class);

    }

    @Bean
    @Override
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

我怀疑是因为这个

SecurityConfiguration

的构造函数被标记为

@Autowired

，带有类型为

BCryptPasswordEncoder

的参数，因此基本上为了实例化

SecurityConfiguration

它需要类型为

BCryptPasswordEncoder

的bean

但是同样，同一个类有一个实例方法，它正在创建类型为

BCryptPasswordEncoder

的bean

因此，基本上，无法调用构造函数，因为它依赖于方法返回的值，而无法调用方法，因为尚未调用构造函数来实例化它

如果您将方法更改为下面的方法（我不是建议将其作为解决方案，只是为了验证我的理解），那么它可能会起作用

@Bean
public static BCryptPasswordEncoder bCryptPasswordEncoder() {
    return new BCryptPasswordEncoder();
}

为什么需要在配置类中将

BCryptPasswordEncoder

作为字段接收？您可以只执行

amb.userDetailsService（userDetailsService）.passwordEncoder（this.bCryptPasswordEncoder（））

（调用方法

bCryptPasswordEncoder（）

，而不是传递字段）-当然，还要从类中删除字段bCryptPasswordEncoder