在其他程序包中扩展WebSecurityConfigurerAdapter类时，自定义安全性不起作用 [英] Custom security is not working when extending the WebSecurityConfigurerAdapter class in different package

问题描述

除了包含 @SpringBootApplication 的类的软件包以外，我在其他软件包中具有扩展名 WebSecurityConfigurerAdapter .然后，它无法生成默认的用户名和密码.

I have extendend WebSecurityConfigurerAdapter in a different package other than the package containing class for @SpringBootApplication. Then it's not working its generating default username and password.

当它在同一个程序包中时，它工作正常.

And it's working fine when it's in the same package.

package com.example;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;



@SpringBootApplication
public class DemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(DemoApplication.class, args);
    }
}

扩展 WebSecurityConfigurerAdapter

package com.securitymodule;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // TODO Auto-generated method stub
        super.configure(http);
        http.antMatcher("/**").authorizeRequests().anyRequest().hasRole("USER").and().formLogin();
    }


    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
        .inMemoryAuthentication()
        .withUser("user").password("password").roles("USER");
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // TODO Auto-generated method stub
        super.configure(auth);
        auth.
        inMemoryAuthentication()
        .withUser("user").password("password").roles("USER");
    }


}

推荐答案

@SpringBootApplication 是 @Configuration ， @EnableAutoConfiguration 的简写， @ComponentScan .这使得Spring可以为当前的软件包和低于此级别的软件包做组件扫描.因此，将扫描 com.example 中和 com.example 下的所有类以查找bean创建，而不会扫描 com.example 以上的任何其他类，如com.securitymodule

@SpringBootApplication is a short hand for @Configuration, @EnableAutoConfiguration, @ComponentScan. This makes Spring to do componentscan for the current packages and packages below this. So all classes in com.example and under com.example are scanned for bean creation while not any others above com.example like com.securitymodule

因此可以将 @ComponentScan(basePackages = {"com.securitymodule"})添加到您的主类中，或将 WebSecurityConfigurerAdapter 的软件包制作为 com.example.securitymodule

Hence either add @ComponentScan(basePackages = {"com.securitymodule"}) into your main class, or make the package of WebSecurityConfigurerAdapter as com.example.securitymodule

这篇关于在其他程序包中扩展WebSecurityConfigurerAdapter类时，自定义安全性不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！