org.springframework.security.web.FilterChainProxy.getFilters上的NullPointerException [英] NullPointerException at org.springframework.security.web.FilterChainProxy.getFilters
问题描述
java.lang.NullPointerException
at org.springframework.security.web.FilterChainProxy.getFilters(FilterChainProxy.java:223)
在org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:196)
在org.springframework。 security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
at org.springframework.web.filter。 DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter( ApplicationFilterChain.java:208)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java :208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
在org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
在org.apache。 catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11。 AbstractHttp11Processor。进程(AbstractHttp11Processor.java:1074)
at org.apache.coyote.AbstractProtocol $ AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.JIoEndpoint $ SocketProcessor。运行(JIoEndpoint.java:314)
在java.util.concurrent.ThreadPoolExecutor.runWorker(未知源)$ b $在java.util.concurrent.ThreadPoolExecutor $ Worker.run(未知源)
在org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)$ b $在java.lang.Thread.run(未知源)
在web.xml中包含过滤器
< / p ;?xml version =1.0encoding =UTF-8?>
< web-app xmlns =http://xmlns.jcp.org/xml/ns/javaee
xmlns:xsi =http://www.w3.org/2001/XMLSchema -instance
xsi:schemaLocation =http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd
version =3.1>
< listener>
< listener-class> org.springframework.web.context.ContextLoaderListener< / listener-class>
< / listener>
< filter>
< filter-name> encoding-filter< / filter-name>
< filter-class>
org.springframework.web.filter.CharacterEncodingFilter
< / filter-class>
< init-param>
< param-name>编码< /参数名称>
< param-value> UTF-8< / param-value>
< / init-param>
< init-param>
< param-name> forceEncoding< / param-name>
< param-value> true< /参数值>
< / init-param>
< / filter>
< filter-mapping>
< filter-name> encoding-filter< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
< filter>
< filter-name> springSecurityFilterChain< / filter-name>
< filter-class> org.springframework.web.filter.DelegatingFilterProxy< / filter-class>
< / filter>
< filter-mapping>
< filter-name> springSecurityFilterChain< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
< welcome-file-list>辛辛范范范中范范辛辛程范中的区范辛辛亦方程区读亦
< / welcome-file-list>
< display-name> Spring MVC Application< / display-name>
< context-param>
< param-name> contextConfigLocation< / param-name>
< param-value> classpath:applicationContext.xml< / param-value>
< / context-param>
< servlet>
< servlet-name> mvc-dispatcher< / servlet-name>
< servlet-class> org.springframework.web.servlet.DispatcherServlet< / servlet-class>
0< / load-on-startup>
< / servlet>
< servlet-mapping>
< servlet-name> mvc-dispatcher< / servlet-name>
< url-pattern> /< / url-pattern>
< / servlet-mapping>
为此创建一个bean在applicationContext文件中筛选:
$ $ p $ < bean id =springSecurityFilterChainclass =org.springframework.security.web.FilterChainProxy > < /豆腐>
在我在applicationContext文件中注册这个bean之前,我有一个错误 'springSecurityFilterChain'被定义
我不使用spring-security.xml进行配置,并在SecurityConfig类中配置安全性。公共类SecurityConfig扩展WebSecurityConfigurerAdapter {
$ b $私有UserDetailsServiceImpl userDetailsService;
$ b $ @Autowired
public void registerGlobalAuthentication(AuthenticationManagerBuilder auth)throws Exception {
auth
.userDetailsService(userDetailsService);
$ b @Override
protected void configure(HttpSecurity http)throws Exception {
http.csrf()
.disable()
.authorize()
.anyRequest()。permitAll()
.and(); .authorizeRequests()
.antMatchers(/ resources / **,/ **)。
http.formLogin()
.loginPage(/ login)
.loginProcessingUrl(/ j_spring_security_check)
.failureUrl(/ login?error )
.usernameParameter(j_username)
.passwordParameter(j_password)
.permitAll();
http.logout()
.permitAll()
.logoutUrl(/ logout)
.logoutSuccessUrl(/ login?logout)
.invalidateHttpSession(true);
$ b $ / code $ / pre
$ b $ p
我认为这是spring-security文件配置中的一些问题,但是我不明白是什么错。 解决方案
我已经弄清楚了这里发生了什么,但是我认为你只需要坚持使用Java Config或XML配置,而不是混合和匹配Spring MVC和安全性。
$ b
在XML配置中,springSecurityFilterChain是由spring-security.xml中的 http 命名空间创建的。请参阅此处。因为你已经切换到java配置没有springSecurityFilterChain创建,这正是应用程序正在抱怨。
要创建springSecurityFilterChain您需要执行以下2个步骤。
第1步 从web.xml中删除以下内容 p> 第2步 创建一个 现在 现在您必须自己创建AbstractContextLoaderInitializer。第一步:从web.xml中删除 第二步:创建一个类 和 就像我说过的,你可以更好地创建java或xml配置。 I tried to use spring-security, and get this error. I include filter in web.xml And create a bean for this filter in applicationContext file: Before I register this bean in applicationContext file I Have an error I don't use spring-security.xml for configuration, and configure security in a SecurityConfig class. } I think that is some problems with configuration of spring-security file, but I can't understand what is wrong. I have figured out what is going on here, but I think you are much better off sticking to only Java Config or XML config rather than mixing and matching them in relation to integration Spring MVC and Security. In XML Configuration, The springSecurityFilterChain is created by the To Create the springSecurityFilterChain in you need to do the following 2 steps. Step 1 Remove the following from your web.xml Step 2 Create a Now So now you have to create AbstractContextLoaderInitializer yourself. For this I have made 2 changes Step 1 :- Remove below from web.xml Step 2:- Create a Class and Like I said, you are much better of creating either java or xml config. 这篇关于org.springframework.security.web.FilterChainProxy.getFilters上的NullPointerException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
< filter>
< filter-name> springSecurityFilterChain< / filter-name>
< filter-class> org.springframework.web.filter.DelegatingFilterProxy< / filter-class>
< / filter>
< filter-mapping>
< filter-name> springSecurityFilterChain< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
AbstractSecurityWebApplicationInitializer ,它将为您创建springsecurityfilterchain。
public class SpringSecurityInitializer extends
AbstractSecurityWebApplicationInitializer {
}
AbstractSecurityWebApplicationInitializer documentation 表示
与AbstractSecurityWebApplicationInitializer()一起使用时,通常除了使用AbstractContextLoaderInitializer的子类外,还使用此类。 / p>
$ < listener>
< listener-class> org.springframework.web.context.ContextLoaderListener< / listener-class>
< / listener>
< context-param>
< param-name> contextConfigLocation< / param-name>
< param-value>
/WEB-INF/applicationContext.xml
< / param-value>
SpringAnnotationWebInitializer 和 ApplicationContextSpring ,它们将具有以下内容:
$ b $ pre $ public class SpringAnnotationWebInitializer extends
AbstractContextLoaderInitializer {
$ b $ @Override
protected WebApplicationContext createRootApplicationContext(){
AnnotationConfigWebApplicationContext applicationContext = new AnnotationConfigWebApplicationContext();
applicationContext.register(ApplicationContextSpring.class);
返回applicationContext;
$ b code
$ b ApplicationContextSpring 将会是
$ @ @mportResource(classpath:applicationContext.xml )
@Import(SecurityConfig.class)
public class ApplicationContextSpring {
}
java.lang.NullPointerException
at org.springframework.security.web.FilterChainProxy.getFilters(FilterChainProxy.java:223)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:196)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Unknown Source)
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>encoding-filter</filter-name>
<filter-class>
org.springframework.web.filter.CharacterEncodingFilter
</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding-filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<display-name>Spring MVC Application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy"> </bean>
no bean named 'springSecurityFilterChain' is definedpublic class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsServiceImpl userDetailsService;
@Autowired
public void registerGlobalAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests()
.antMatchers("/resources/**", "/**").permitAll()
.anyRequest().permitAll()
.and();
http.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.failureUrl("/login?error")
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll();
http.logout()
.permitAll()
.logoutUrl("/logout")
.logoutSuccessUrl("/login?logout")
.invalidateHttpSession(true);
}
http namespace in your spring-security.xml. Refer here. Since you have switched to java config there is no springSecurityFilterChain created which is exactly what the application is complaining about. <filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
AbstractSecurityWebApplicationInitializer which will create the springsecurityfilterchain for you.public class SpringSecurityInitializer extends
AbstractSecurityWebApplicationInitializer {
}
AbstractSecurityWebApplicationInitializer documentation says that
When used with AbstractSecurityWebApplicationInitializer(), this class is typically used in addition to a subclass of AbstractContextLoaderInitializer. <listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
</param-value>
SpringAnnotationWebInitializer and ApplicationContextSpring which will have the following contentpublic class SpringAnnotationWebInitializer extends
AbstractContextLoaderInitializer {
@Override
protected WebApplicationContext createRootApplicationContext() {
AnnotationConfigWebApplicationContext applicationContext = new AnnotationConfigWebApplicationContext();
applicationContext.register(ApplicationContextSpring.class);
return applicationContext;
}
}
ApplicationContextSpring will be@Configuration
@ImportResource("classpath:applicationContext.xml")
@Import(SecurityConfig.class)
public class ApplicationContextSpring {
}
