Spring 无法在UserDetailsService中自动关联字段
我知道关于这个话题有一些问题,但我的有点不同。我正在尝试将openID身份验证包括到我用Spring、Spring安全性和Spring MVC开发的项目中 要实现openID身份验证,需要一些类别:AccessDeniedHandler和UserDetailsService在applicationContext-security.xml中配置:Spring 无法在UserDetailsService中自动关联字段,spring,spring-mvc,spring-security,Spring,Spring Mvc,Spring Security,我知道关于这个话题有一些问题,但我的有点不同。我正在尝试将openID身份验证包括到我用Spring、Spring安全性和Spring MVC开发的项目中 要实现openID身份验证,需要一些类别:AccessDeniedHandler和UserDetailsService在applicationContext-security.xml中配置: <?xml version="1.0" encoding="UTF-8"?> <beans xmlns:security="http:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:security="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- turn on global security -->
<security:global-method-security secured-annotations="enabled"/>
<bean id="openIdAuthFailureHandler" class="es.institution.dept.security.MyAccessDeniedHandler"/>
<bean id="userDetailsService" class="es.institution.dept.service.impl.UserDetailsServiceImpl"/>
<security:http auto-config="true">
<security:intercept-url pattern="/welcome*" access="ROLE_USER, ROLE_ADMIN" />
<security:intercept-url pattern="/user/*" access="ROLE_USER, ROLE_ADMIN" />
<security:intercept-url pattern="/rest/*" access="ROLE_USER, ROLE_ADMIN" />
<security:intercept-url pattern="/admin/*" access="ROLE_ADMIN" />
<security:logout logout-success-url="/" />
<security:openid-login login-page="/openidLogin" default-target-url="/welcome" authentication-failure-url="/loginfailed" user-service-ref="userDetailsService"/>
<security:access-denied-handler ref="openIdAuthFailureHandler"/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query="
SELECT username, password, active as enabled
FROM users WHERE username=?"
authorities-by-username-query="
select ur.username, ur.rolename as authority from users_roles ur
where ur.username=?" />
</security:authentication-provider>
</security:authentication-manager>
</beans>
当Spring需要知道用户数据(用户名、密码、角色等)时,就会调用UserDetailsService。因此,我需要调用UserDetailsService中的一个服务(UserService):
public class UserDetailsServiceImpl implements UserDetailsService{
@Autowired
UserService userService;
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
es.institution.dept.model.User user = userService.getUserByUsername("mannuk");
if(user == null)
throw new UsernameNotFoundException("User does not exist");
return new User(user.getUsername(), user.getPassword(), user.isActive(), false, false, false, getGrantedAuthorities(username));
}
public List<GrantedAuthority> getGrantedAuthorities(String username) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (Role role : userService.getAllRoles(username)) {
authorities.add(new SimpleGrantedAuthority(role.getRoleName()));
}
return authorities;
}
}
公共类UserDetailsServiceImpl实现UserDetailsService{
@自动连线
用户服务用户服务;
public UserDetails loadUserByUsername(字符串用户名)引发UsernameNotFoundException{
es.institution.dept.model.User User=userService.getUserByUsername(“mannuk”);
if(user==null)
抛出新的UsernameNotFoundException(“用户不存在”);
返回新用户(User.getUsername(),User.getPassword(),User.isActive(),false,false,getGrantedAuthories(用户名));
}
公共列表GetGrantedAuthories(字符串用户名){
列表权限=新建ArrayList();
for(角色:userService.getAllRoles(用户名)){
添加(新的SimpleGrantedAuthority(role.getRoleName());
}
返回当局;
}
}
我尝试了两种选择:
1) 在UserDetailsService中定义@Service注释,该注释在启动期间引发异常。它表示userdetailsbean不存在(它在applicationSecurity context.xml中是必需的)
2) 在applicationContext-security.xml中声明bean定义。启动正常(无错误),但UserService未自动连接
这是我的applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="java:comp/env/jdbc/adminDB"/>
</bean>
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"/>
</bean>
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="configLocation" value="/WEB-INF/mybatis-config.xml" />
</bean>
<bean id="usersMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
<property name="mapperInterface" value="es.institution.dept.dao.UserMapper" />
<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
<bean id="rolesMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
<property name="mapperInterface" value="es.institution.dept.dao.RoleMapper" />
<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
<bean id="groupMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
<property name="mapperInterface" value="es.institution.dept.dao.GroupMapper" />
<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
<bean id="policyMapper" class="org.mybatis.spring.mapper.MapperFactoryBean">
<property name="mapperInterface" value="es.institution.dept.dao.PolicyMapper" />
<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
<!-- Json converter bean -->
<bean id="jacksonMessageConverter" class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
<property name="objectMapper" ref="jacksonObjectMapper" />
</bean>
<bean id="jacksonObjectMapper" class="org.codehaus.jackson.map.ObjectMapper"></bean>
</beans>
这是我的app-servlet.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:task="http://www.springframework.org/schema/task"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.1.xsd">
<!-- Enabling Spring beans auto-discovery -->
<context:component-scan base-package="es.institution.dept" />
<!-- Enabling Spring MVC configuration through annotations -->
<mvc:annotation-driven />
<!-- Enabling Spring Async tasks through annotations -->
<task:annotation-driven />
<mvc:view-controller path="/" view-name="login" />
<!-- Load resources -->
<mvc:resources mapping="/resources/**" location="/resources/"/>
<!-- Bean definitions i18n -->
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.SessionLocaleResolver">
<property name="defaultLocale" value="en" />
</bean>
<!-- Intercepts the change of the locale: example.html?ln=en -->
<bean id="localeChangeInterceptor" class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
<property name="paramName" value="ln" />
</bean>
<bean class="org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping" >
<property name="interceptors">
<list>
<ref bean="localeChangeInterceptor" />
</list>
</property>
</bean>
<!-- Register the messages.properties -->
<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basename" value="WEB-INF/classes/locale/messages" />
</bean>
<!-- Defining which view resolver to use -->
<bean class= "org.springframework.web.servlet.view.InternalResourceViewResolver" >
<property name="prefix" value="/WEB-INF/views/" />
<property name="suffix" value=".jsp" />
</bean>
</beans>
请注意,UserService在其他地方(如控制器)工作正常。这似乎是UserDetails服务本身的问题
如果你需要更多的信息,请毫不犹豫地写信给我。我希望解决这个问题。将对解决方案进行投票和检查。- 在根应用程序上下文(
和applicationContext.xml
)中声明的bean无法访问在servlet特定上下文(applicationContext security.xml
)中声明的beanapp servlet.xml
- 必须在根应用程序上下文中声明Spring安全性的组件(包括
)UserDetailsService
因此,您需要在
applicationContext.xml
中声明UserService
,而不是通过app servlet.xml
中的
来获取它。是否可以用另一种方式实现?我是说。。。在另一个应用程序中,我在appContext(AutorizationManager)中声明了一个bean,用于自动连接服务。也许,在servlet中,我只需要扫描es.institution.dept.controller。如果我在appContext中声明bean UserService,则其字段不会自动连接。你能澄清一下吗?如果UserService
依赖于app servlet.xml
中的其他bean,你可以将app servlet.xml
的所有内容移动到applicationContext.xml
。据我记忆所及,它应该在没有其他更改的情况下工作。UserService不依赖于app-servlet.xml中的bean。UserService依赖于我在appContext.xml中声明的DAOBeans。控制器bean与UserController一样,AdminController依赖于UserService。如果我将es.institution.dept更改为es.institution.dept.controller,则从控制器bean启动时会出现异常:无法自动连线字段:es.institution.dept.service.UserService es.institution.dept.controller.AdminController.UserService;。是否需要在appContext中包含另一个组件扫描?如果需要,您可以从UserService
中删除@Service
(将其从组件扫描中排除),并手动在appContext中声明。