![](/img/trans.png)
[英]I am following spring xml based configuraiton so How TokenBasedRememberMeServices configuration in spring-security.xml file?
[英]Why I can't inject this bean annoted with @Service into a bean declared into the spring-security.xml configuration file?
我在Spring中还很新,尝试将一个bean注入名为CustomUserDetailsMapper的类时遇到一些问题(我认为它可能取决于范围问题)。
因此,这是我的CustomUserDetailsMapper的代码,该类扩展了LdapUserDetailsMapper ,在LDAP身份验证后将自动调用该类,并且LDAP身份验证提供程序将其用于创建LDAP用户对象。 (但并不重要,唯一重要的是Spring会自动调用它)
package it.myCompany.miur.gestioneUtenze.security;
// IMPORT REMOVED FROM THE CODE SNIPPET
public class CustomUserDetailsMapper extends LdapUserDetailsMapper {
private static final Logger _logger = Logger.getLogger(CustomUserDetailsMapper.class.getName());
@Autowired
private ProgettoService progettoService;
@Override
public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String userName, Collection<? extends GrantedAuthority> authorities) {
...............................................
...............................................
...............................................
USE progettoService VARIABLE
...............................................
...............................................
...............................................
}
}
如您在前面的代码中所看到的,我试图通过以下方式注入ProgettoService (该服务对DB执行一些查询):
@Autowired
private ProgettoService progettoService;
问题是,当执行mapUserFromContext()方法时,此字段为null ,因此我无法在此方法内使用它。
在我看来,这很奇怪,因为我以类似的方式(构造函数注入)将此bean注入到控制器类中(这种方式构造函数注入):
package it.myCompany.miur;
@Controller
public class HomeController {
@Autowired
public HomeController(ProgettoService progettoService,ScuolaService scuolaService) {
this.progettoService = progettoService;
this.scuolaService=scuolaService;
}
...........................................
...........................................
...........................................
}
在第二种情况下,它工作正常,我可以正确使用ProgettoService对象。
因此,我的应用程序的配置是通过以下XML文件完成的:
1) web.xml :
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:/META-INF/log4j.properties</param-value>
</context-param>
<!-- Processes application requests -->
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/spring-security.xml
/WEB-INF/spring/root-context.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
如您所见,在其中定义了以下其他XML配置文件:
2) servlet-context.xml :用于MVC配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- DispatcherServlet Context: defines this servlet's request-processing infrastructure -->
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
<resources mapping="/resources/**" location="/resources/" />
<!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
<beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
</beans:bean>
<context:component-scan base-package="it.myCompany.miur" />
</beans:beans>
如您在此文件中看到的,定义了:
<annotation-driven />
启用Spring MVC @Controller编程模型,并指定要扫描的包(在其中搜索@Controller和派生的注释):
<context:component-scan base-package="it.myCompany.miur" />
这个推理正确吗?
3) spring-security.xml :在哪里定义安全性配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<ldap-server id="ldapServer"
url="${ldap.connection.url}"
manager-dn="${ldap.connection.admin.user}"
manager-password="${ldap.connection.admin.password}"/>
<http auto-config="true" use-expressions="true" authentication-manager-ref="authenticationManager">
<intercept-url pattern="/" access="permitAll" />
<!--<intercept-url pattern="/resetPassword" access="permitAll" />
<intercept-url pattern="/nuovaPassword" access="permitAll" />
<intercept-url pattern="resources/css/style.css" access="permitAll"/>
<intercept-url pattern="resources/img/*" access="permitAll"/>-->
<intercept-url pattern="/home" access="isAuthenticated()" />
<logout logout-success-url="/" logout-url="/logout" />
<form-login login-page="/"
authentication-failure-url="/?error=true"
default-target-url="/home"
username-parameter="username"
password-parameter="password"
login-processing-url="/j_spring_security_check"/>
<csrf disabled="true"/>
</http>
<!-- Authenticator -->
<beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator" id="ldapBindAuthenticator">
<beans:constructor-arg ref="ldapServer"/>
<beans:property name="userDnPatterns">
<beans:list><beans:value>cn={0},ou=Users,dc=miur,dc=it</beans:value>
<beans:value>ou=mailusers,o=mpi.it</beans:value>
</beans:list>
</beans:property>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:constructor-arg>
<beans:list>
<beans:ref bean="ldapAuthProvider" />
</beans:list>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<beans:constructor-arg ref="ldapBindAuthenticator"/>
<beans:property name="userDetailsContextMapper" ref="customUserContextMapper"/>
</beans:bean>
<beans:bean id="customUserContextMapper" class="it.myCompany.miur.gestioneUtenze.security.CustomUserDetailsMapper"/>
</beans:beans>
如您所见,在XML配置文件中,通过以下方式定义了我的CustomUserDetailsMapper (无法注入ProgettoService bean的bean):
<beans:bean id="customUserContextMapper" class="it.myCompany.miur.gestioneUtenze.security.CustomUserDetailsMapper"/>
3)最后,我有了root-context.xml配置文件:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:ldap="http://www.springframework.org/schema/ldap"
xmlns:jpa="http://www.springframework.org/schema/data/jpa"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.1.xsd
http://www.springframework.org/schema/data/repository http://www.springframework.org/schema/data/repository/spring-repository-1.7.xsd
http://www.springframework.org/schema/ldap http://www.springframework.org/schema/ldap/spring-ldap-2.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd">
<!-- Root Context: defines shared resources visible to all other web components -->
<!--<context:property-placeholder
location="file:///${jboss.modules.dir}/system/layers/base/it/myCompany/gestioneUtenze/main/gestioneUtenze.properties classpath*:gestioneUtenze_local.properties" />-->
<context:property-placeholder
location="classpath*:wifi.properties" />
<jpa:repositories base-package="it.myCompany.miur.wifipnsd.repository"
entity-manager-factory-ref="entityManagerFactory"
transaction-manager-ref="transactionManager"/>
<bean id="entityManagerFactory" name="wifipnsd"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="dataSource" ref="datasource" />
<property name="persistenceUnitName" value="wifipnsdPU" />
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" >
<property name="showSql" value="false" />
<property name="generateDdl" value="false" />
<property name="database" value="MYSQL"/>
<property name="databasePlatform" value="org.hibernate.dialect.MySQLDialect" />
</bean>
</property>
</bean>
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
<tx:annotation-driven transaction-manager="transactionManager" />
<!-- Data Source -->
<jee:jndi-lookup jndi-name="java:jboss/datasources/wifiDS"
id="datasource" expected-type="javax.sql.DataSource" />
<bean id="messageSource"
class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename" value="message" />
</bean>
在哪里配置了数据源和休眠配置。
那么,为什么使用@Autowired可以将ProgettoService对象注入HomeController控制器类中却不能将其注入ProgettoService类中呢? 我想念什么? 如何解决此问题并将其也注入ProgettoService类?
也许问题可能取决于以下事实:在子上下文(servlet上下文)中声明的bean可以看到在父上下文中声明的bean,反之亦然? 我不知道该如何解决。 你能帮助我吗?
您必须将<context:component-scan ...>
到root-context.xml
并将ProgettoService
实现注释为@Service
。
Spring需要<context:component.scan ../>
来知道必须在哪里查找注释。 需要使用@Service
批注来春季管理Bean的生命周期,并且可以自动装配Bean。
有关更多信息,请参见@Service的javadoc。
您需要了解的是两种不同的情况
由ContextLoaderListener
创建的根上下文以及DispatcherServlet
创建的子上下文 。
由于CustomUserDetailsMapper
没有任何注释,例如:@Service,因此无法通过servlet-context.xml
组件中提到的扫描来选择。 因此,不在调度程序servlet的子上下文中。 但是在Homecontroller的情况下,您还有@Controller
以及ProgettoService
在组件扫描程序包路径中。
由于spring-security.xml
的bean定义,根上下文中存在CustomUserDetailsMapper
。 这就是最初未注入bean的原因。
我建议从spring-security.xml
删除bean定义,并在适当的时候使用@Service或@Component注释CustomUserDetailsMapper
类。 这将作为CustomUserDetailsMapper
在组件扫描路径中工作。
通过实现Jens的答案,您基本上已经在两种情况下都复制了bean。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.