在其他程序包中扩展WebSecurityConfigurerAdapter类时,自定义安全性不起作用 [英] Custom security is not working when extending the WebSecurityConfigurerAdapter class in different package
问题描述
除了包含 @SpringBootApplication
的类的软件包以外,我在其他软件包中具有扩展名 WebSecurityConfigurerAdapter
.然后,它无法生成默认的用户名和密码.
I have extendend WebSecurityConfigurerAdapter
in a different package other than the package containing class for @SpringBootApplication
. Then it's not working its generating default username and password.
当它在同一个程序包中时,它工作正常.
And it's working fine when it's in the same package.
package com.example;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
}
扩展 WebSecurityConfigurerAdapter
package com.securitymodule;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// TODO Auto-generated method stub
super.configure(http);
http.antMatcher("/**").authorizeRequests().anyRequest().hasRole("USER").and().formLogin();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// TODO Auto-generated method stub
super.configure(auth);
auth.
inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
推荐答案
@SpringBootApplication
是 @Configuration
, @EnableAutoConfiguration
的简写, @ComponentScan
.这使得Spring可以为当前的软件包和低于此级别的软件包做组件扫描.因此,将扫描 com.example
中和 com.example
下的所有类以查找bean创建,而不会扫描 com.example
以上的任何其他类,如com.securitymodule
@SpringBootApplication
is a short hand for @Configuration
, @EnableAutoConfiguration
, @ComponentScan
. This makes Spring to do componentscan for the current packages and packages below this. So all classes in com.example
and under com.example
are scanned for bean creation while not any others above com.example
like com.securitymodule
因此可以将 @ComponentScan(basePackages = {"com.securitymodule"})
添加到您的主类中,或将 WebSecurityConfigurerAdapter
的软件包制作为 com.example.securitymodule
Hence either add @ComponentScan(basePackages = {"com.securitymodule"})
into your main class, or make the package of WebSecurityConfigurerAdapter
as com.example.securitymodule
这篇关于在其他程序包中扩展WebSecurityConfigurerAdapter类时,自定义安全性不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!