堆棧內存溢出
  簡體   English   中英

spring security config xml to java

[英]spring security config xml to java

 原文  2015-06-24 11:35:18       java/ xml/ spring

問題描述

有人可以幫助我從基於xml的spring配置遷移到基於java的嗎?

這是我的xml配置: 

<!--suppress SpringFacetInspection, SpringSecurityFiltersConfiguredInspection -->
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:context="http://www.springframework.org/schema/context"
             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
                                 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">


    <global-method-security pre-post-annotations="enabled"/>
    <context:annotation-config/>
    <context:spring-configured/>


    <beans:bean name="userLoginService" class="service.UserLoginService"/>

    <beans:bean name="standardPasswordEncoder"
                class="org.springframework.security.crypto.password.StandardPasswordEncoder">
        <beans:constructor-arg name="secret" value="supersecret"/>
    </beans:bean>

    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/javax.faces.resources/**" access="permitAll"/>
        <intercept-url pattern="/view/unsecured/**" access="permitAll"/>
        <intercept-url pattern="/view/secured/**" access="isAuthenticated()" />
        <intercept-url pattern="/view/admin/**" access="hasRole('ROLE_SUPERUSER')"/>
        <intercept-url pattern="/admin/**" access="hasRole('ROLE_SUPERUSER')"/>

        <form-login login-page="/view/unsecured/login.xhtml"/>
        <logout logout-success-url="/index.xhtml" invalidate-session="true" delete-cookies="true"/>
    </http>

    <authentication-manager alias="authenticationManager">
        <authentication-provider user-service-ref="userLoginService">
            <password-encoder ref="standardPasswordEncoder"/>
        </authentication-provider>
    </authentication-manager>

</beans:beans>

這是我的java嘗試: 

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean(name = "standardPasswordEncoder")
    public PasswordEncoder standardPasswordEncoder() {
        return new StandardPasswordEncoder("supersecret");
    }

    @Bean(name = "userDetailService")
    @Override
    public UserDetailsService userDetailsServiceBean() {
        return new UserLoginService();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                //.userDetailsService(userDetailsService())
                .authorizeRequests()
                .antMatchers("/view/secured/**").fullyAuthenticated()
                .antMatchers("/admin/**", "/view/admin/**").access("hasRole('ROLE_SUPERUSER')")
                .antMatchers("/index.xhtml", "/view/unsecured/**", "/javax.faces.resources/**").permitAll()
                .and()
                .formLogin().loginPage("/view/unsecured/login.xhtml")
                .usernameParameter("email").passwordParameter("password")
                .and()
                .logout().logoutSuccessUrl("/index.xhtml").invalidateHttpSession(true).deleteCookies("JSESSIONID")
                .and()
                .exceptionHandling().accessDeniedPage("/error.xhtml")
                .and()
                .csrf().disable();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService()).passwordEncoder(standardPasswordEncoder());
    }
}

當我嘗試登錄時,我得到例外 

Caused by: java.lang.StackOverflowError: null
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:386)
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:387)
...

我錯過了什么,或者出了什么問題? 謝謝

1 個解決方案

解決方案1
 3 已采納  2015-06-24 11:53:53

重寫userDetailsService()方法,而不是userDetailsServiceBean()方法。 這就是導致無限遞歸的原因。 而且無需將其聲明為@Bean

應該只是: 

@Override
public UserDetailsService userDetailsService() {
    return new UserLoginService();
}

或者 - 如果您在UserLoginService上有@Service注釋(以及將獲取該類的組件掃描),您可以避免手動創建bean,只需將UserLoginService直接注入配置方法: 

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth, UserLoginService userDetailsService) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder(standardPasswordEncoder());
}

然后你不需要覆蓋userDetailsServiceBeanuserDetailsService :因為他們正在做的就是創建該bean的實例。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 Spring Security XML配置與Java配置 Spring Security從XML配置到Java配置 Spring Security Java配置 具有XML配置的Spring Java Config 帶有Java Config且沒有xml的Spring 4 Spring XML到JAVA Config 帶有Java配置的Spring Security AuthenticationFailureHandler Spring Security Java配置問題 Spring Security OAuth Java配置 使用Vaadin進行Spring安全性的Java配置
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM