使用自定义提供程序的Spring Boot安全性
[英]Spring boot security using custom provider
问题描述
我的要求是使用Spring Boot实现安全性。 我已将配置文件配置如下:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Bean
public CustomUserDetailsDao userDao(){
return new CustomUserDetailsDao(profileData());
}
@Bean
public ProfileData profileData(){
return new XStreamProfileData();
}
/*
@Autowired
Environment env;
@Bean
public DataSource dataSource() {
DataSourceBuilder dataSourceBuilder = DataSourceBuilder.create();
dataSourceBuilder.url(env.getProperty()dbUrl);
dataSourceBuilder.username(username);
dataSourceBuilder.password(password);
return dataSourceBuilder.build();
}*/
@Bean
public CustomDaoAuthenticationProvider authProvider() {
CustomDaoAuthenticationProvider provider = new CustomDaoAuthenticationProvider();
// setters inside provider goes here
provider.setUserDetailsService(userDao());
return provider;
}
@Autowired
private RestAuthenticationEntryPoint restAuthenticationEntryPoint;
@Autowired
private AuthenticationFailureHandler authenticationFailureHandler;
@Autowired
private AuthenticationSuccessHandler authenticationSuccessHandler;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/", "/home")
.permitAll()
.antMatchers("/admin")
.hasRole("ADMIN")
.anyRequest().authenticated().and()
.formLogin().permitAll()
.successHandler(authenticationSuccessHandler)
.failureHandler(authenticationFailureHandler);
}
@Autowired
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider());
}
}
在这里,我试图从打包为jar并已部署的已经实施的项目中自动装配CustomDaoAuthenticationProvider。 我在我的pom.xml中添加了这个jar作为依赖项
Spring jar中的CustomDaoAuthenticationProvider的概要如下:-
public class CustomDaoAuthenticationProvider extends DaoAuthenticationProvider {
public CustomDaoAuthenticationProvider() {
super();
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
//Code for User authentication goes here
}
}
请注意,该类未使用@Component进行注释。
在运行spring boot应用程序时,在注入了自定义提供程序所需的所有bean之后,我得到一个错误:
Caused by: java.lang.IllegalArgumentException: 'dataSource' or 'jdbcTemplate' is required
at org.springframework.jdbc.core.support.JdbcDaoSupport.checkDaoConfig(JdbcDaoSupport.java:111)
at org.springframework.dao.support.DaoSupport.afterPropertiesSet(DaoSupport.java:44)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1687)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1624)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userDao' defined in class path resource : Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: 'dataSource' or 'jdbcTemplate' is required
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1628)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration$$EnhancerBySpringCGLIB$82E.userDao(<generated>)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration.authProvider(SecurityConfiguration.java:43)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration$$EnhancerBySpringCGLIB$$87f94c8.(<generated>)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration$$EnhancerBySpringc.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration$$EnhancerBySpringCGLIB$$87f094c8.authProvider(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration$$EnhancerBySpringCGLIB.authProvider(<generated>)
at com.security.myapp.springsecuritymyapp.config.SecurityConfiguration.configure(SecurityConfiguration.java:94)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
请帮我解决以上错误
2 个解决方案
解决方案1
1 2017-08-23 05:42:59
由于您使用的是DaoAuthenticationProvider ,因此必须将dataSource作为bean。
为了使数据源正常工作,您必须添加以下依赖项。
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
在上面添加的内容中,还必须添加JDBC驱动程序依赖项。
例如对于MySql,以下是依赖性。
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>6.0.6</version>
</dependency>
在应用程序属性中,您必须按如下所示配置JDBC属性(MySql示例)
spring.datasource.url=jdbc:mysql://localhost/test
spring.datasource.username=dbuser
spring.datasource.password=dbpass
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
解决方案2
0 已采纳 2017-08-23 05:47:37
根据日志,错误来自userDao bean创建,因为它没有分配datasource或jdbcTempalte 。
BeanCreationException: Error creating bean with name 'userDao' defined in
class path resource : Invocation of init method failed; nested exception is
java.lang.IllegalArgumentException: 'dataSource' or 'jdbcTemplate' is
required
假设在您的application.properties上设置了所有spring.datasource ,然后确保CustomUserDetailsDao注入了DataSource bean,如下所示
@Bean
public CustomUserDetailsDao userDao(DataSource datasoruce){
CustomUserDetailsDao myUserDao = new CustomUserDetailsDao(profileData());
myUserDao.setDataSource(datasource);
return myUserDao;
}
h2数据库的application.properties
spring.datasource.url:jdbc:h2:~/test2
spring.datasource.driverClassName=org.h2.Driver
spring.datasource.username=sa
spring.datasource.password=
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
这是Dao实现的例子
使用自定义身份验证提供程序在 Spring Security 中接受无效密码
[英]Invalid password is accepted in spring security using custom Authentication Provider
自定义异常在使用 spring 引导和 spring 安全性的过滤器中不起作用
[英]Custom exception is not working in filter using spring boot and spring security
Spring Security 自定义登录和自定义身份验证提供程序
[英]Spring Security Custom Login And Custom Authentication Provider
使用Spring Security配置自定义LDAP身份验证提供程序
[英]Configuring a Custom LDAP Authentication Provider with Spring Security
Spring Security 2 userDetailsService问题上的自定义身份验证提供程序
[英]Custom Authentication Provider on Spring Security 2 userDetailsService issue
Spring Security 和 Keycloak 因自定义身份验证提供程序而失败
[英]Spring Security and Keycloak fails with a custom authentication provider
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring Security和自定义身份验证提供程序
使用自定义身份验证提供程序在 Spring Security 中接受无效密码
自定义异常在使用 spring 引导和 spring 安全性的过滤器中不起作用
Spring Boot Security 4自定义PasswordEncoder
自定义 spring 启动安全未应用
Spring Security 自定义登录和自定义身份验证提供程序
Spring Security自定义身份验证提供程序403响应
使用Spring Security配置自定义LDAP身份验证提供程序
Spring Security 2 userDetailsService问题上的自定义身份验证提供程序
Spring Security 和 Keycloak 因自定义身份验证提供程序而失败
相关标签