@Autowire在Spring Security自定义身份验证提供程序中不起作用 [英] @Autowire is not working in Spring security Custom Authentication provider
问题描述
我们有Spring MVC应用程序.我们正在尝试将Spring安全性集成到其中.
We have Spring MVC application. We are trying to integrate the Spring security in it.
我们已经编写了自定义身份验证提供程序,它将执行身份验证工作.
We have written our custom authentication provider which will do the work of authentication.
下面是我的自定义身份验证提供程序的代码.
Below is the code for my custom authentication provider.
public class CustomAuthenticationProvider extends DaoAuthenticationProvider {
@Autowired
private AuthenticationService authenticationService;
@Override
public Authentication authenticate(Authentication authentication) {
CustomAuthenticationToken auth = (CustomAuthenticationToken) authentication;
String username = String.valueOf(auth.getPrincipal());
String password = String.valueOf(auth.getCredentials());
try {
Users user = new User();
user.setUsername(username);
user.setPassword(PasswordUtil.encrypt(password));
user = authenticationService.validateLogin(user);
return auth;
} catch (Exception e) {
throw new BadCredentialsException("Username/Password does not match for " + username);
}
}
@Override
public boolean supports(Class<? extends Object> authentication) {
return (CustomAuthenticationToken.class.isAssignableFrom(authentication));
}
}
我在下面的行中收到NullpointerException
Here i am getting NullpointerException on the following line
user = authenticationService.validateLogin(user);
authenticationService在自定义身份验证提供程序中未自动连接.虽然相同的服务authenticationService在我的MVC控制器中以相同的方式自动接线.
The authenticationService is not getting autowired in the custom authentication provider. While the same service authenticationService is autowired in the same way in my MVC controller.
这是因为身份验证提供程序是Spring安全组件吗?
Is this because authentication provider is a Spring security component?
下面是我的web.xml
Below is a my web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/myApp-security.xml
</param-value>
</context-param>
<servlet>
<servlet-name>myApp</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/myApp-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>myApp</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
-
我在spring安全配置文件中添加了以下几行.
I have added the following lines in my spring security configuration file.
<beans:bean id="customAuthenticationProvider" class="com.myApp.security.provider.CustomAuthenticationProvider">
<beans:property name="userDetailsService" ref="userDetailsService"/>
</beans:bean>
请帮助如何在Spring安全组件中自动连接我的服务类?
Please help how to autowire my service classes in the Spring security components?
推荐答案
也许未在根应用程序上下文中启用自动装配后处理器(但在DispatcherServlet
上下文中启用了自动装配后处理器,这是<mvc:annotation-driven>
或
Perhaps autowiring postprocessor is not enabled in the root application context (but enabled in the DispatcherServlet
's context as a side effect of <mvc:annotation-driven>
or <context:component-scan>
).
您可以通过将<context:annotation-config>
添加到myApp-security.xml
来启用它.
You can enable it by adding <context:annotation-config>
to myApp-security.xml
.
这篇关于@Autowire在Spring Security自定义身份验证提供程序中不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!