ubuntu 使用WebSecurityConfiguration,因为不再支持WebSecurityConfigurerAdapter选项,而是停留在循环引用中[重复]

um6iljoc  于 2023-10-17  发布在  其他
关注(0)|答案(1)|浏览(105)

这个问题已经有答案了

Spring Boot circular reference is already handled in application.properties but seems ignored by Java Spring Boot executable jar file(1个答案)
2个月前关闭。
因此我使用Java Sping Boot 创建了这个简单登录系统应用程序,并使用Spring Security进行身份验证。
这是应用程序的规范:

  • Spring工具套件4.18.0.RELEASE
  • Spring安全6
  • 使用Java 17
  • 构建在Linux ubuntu 22.04之上
  • Thymeleaf
  • 默认情况下,application.properties已位于SBTLEmpManSys/src/main/resources中的resource文件夹中
  • 我使用STS(Spring工具套件)提供的Maven构建功能将这些作品打包成可执行的jar文件

当我想为SecurityConfiguration.java使用WebSecurityConfigurerAdapter时,IDE没有提供该选项。它提供了WebSecurityConfiguration,所以我使用它。结果它给出了循环引用。
这是一个图表:

  1. The dependencies of some of the beans in the application context form a cycle:
  3. ┌─────┐
  4. |  securityConfiguration (field private org.springframework.security.config.annotation.web.builders.HttpSecurity org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.httpSecurity)
  5.      
  6. |  org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration.httpSecurity defined in class path resource [org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.class]
  7. └─────┘

我通过在application.properties中设置spring.main.allow-circular-reference=true作为临时解决方案来完成我的工作。但是这个问题会在可执行的.jar文件中重新出现
另一方面,我需要这个安全配置文件为我的服务实现文件EmpServiceImpl.java提供BCryptPasswordEncoder
我试着在这里和那里使用@Lazy,但没有效果。我也试着通过谷歌和这个论坛来解决这个问题,但仍然无法解决。
有人能帮忙吗?这真让我给予头疼。
这是我的文件。
这是安全配置

  1. package com.kastamer.sbtl.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.context.annotation.Lazy;
  7. import org.springframework.context.annotation.PropertySource;
  8. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  9. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  10. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  11. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
  12. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  13. import org.springframework.security.web.SecurityFilterChain;
  14. import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
  16. import com.kastamer.sbtl.service.EmpService;
  18. @Configuration
  19. @PropertySource(value = "classpath:application.properties")
  20. @EnableWebSecurity
  21. public class SecurityConfiguration extends WebSecurityConfiguration {
  23. //  public EmpService empService;
  24.     
  25. //  @Lazy --> NO EFFECT
  26.     @Bean
  27.     public BCryptPasswordEncoder passwordEncoder() {
  28.         // TODO Auto-generated method stub
  29.         return new BCryptPasswordEncoder();
  30.     }
  31.     
  32. //  @Lazy --> NO EFFECT
  33.     @Bean
  34.     public SecurityFilterChain configure(HttpSecurity http) throws Exception {
  35.         // TODO Auto-generated method stub
  36.         AuthenticationManagerBuilder authManBuild = http.getSharedObject(AuthenticationManagerBuilder.class);
  37.         
  38.         http.authorizeHttpRequests((requests) -> requests.requestMatchers(
  39.                 "/registrasi",
  40.                 "/js**",
  41.                 "/css**",
  42.                 "/img**")
  43.                 .permitAll().anyRequest().authenticated())
  44.         .formLogin((form) -> form.loginPage("/login").permitAll())
  45.         .logout((logout) -> logout.invalidateHttpSession(true).clearAuthentication(true).logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login?logout").permitAll());
  46.         
  47.         return http.build();
  48.     }
  49. }

以下是服务实现:

  1. package com.kastamer.sbtl.service;
  3. import java.util.Arrays;
  4. import java.util.Collection;
  5. import java.util.List;
  6. import java.util.Optional;
  7. import java.util.stream.Collectors;
  9. import org.springframework.beans.factory.annotation.Autowired;
  10. import org.springframework.context.annotation.Lazy;
  11. import org.springframework.data.domain.Page;
  12. import org.springframework.data.domain.PageRequest;
  13. import org.springframework.data.domain.Pageable;
  14. import org.springframework.data.domain.Sort;
  15. import org.springframework.security.core.GrantedAuthority;
  16. import org.springframework.security.core.authority.SimpleGrantedAuthority;
  17. import org.springframework.security.core.userdetails.UserDetails;
  18. import org.springframework.security.core.userdetails.UsernameNotFoundException;
  19. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  20. import org.springframework.stereotype.Service;
  22. import com.kastamer.sbtl.model.EmpRole;
  23. import com.kastamer.sbtl.model.Employee;
  24. import com.kastamer.sbtl.repository.EmployeeRepository;
  25. import com.kastamer.sbtl.web.dto.EmpRegistrationDTO;
  27. @Service
  28. public class EmpServiceImpl implements EmpService {
  30.     @Autowired
  31.     private EmployeeRepository empRepDAO;
  32.     
  33.     @Autowired
  34.     private BCryptPasswordEncoder passwordEncoder;
  36.     //@Autowired //THIS is ADDITION to AVOID CIRCULAR REFERENCE --> ANNOTATION NO EFFECT
  37.     //public EmpServiceImpl(@Lazy EmployeeRepository empRepDAO) { //ANNOTATION '@Lazy' is ADDITION to AVOID CIRCULAR REFERENCE --> ANNOTATION NO EFFECT
  38.     public EmpServiceImpl(EmployeeRepository empRepDAO) {
  39.         super();
  40.         this.empRepDAO = empRepDAO;
  41.     }
  43.     @Override
  44.     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
  45.         // TODO Auto-generated method stub
  46.         Employee pegawai = empRepDAO.findByEmail(username);
  47.         
  48.         if (pegawai == null) {
  49.             throw new UsernameNotFoundException("Email atau kata sandi tidak cocok!");
  50.         }
  51.         
  52.         return new org.springframework.security.core.userdetails.User(pegawai.getEmail(), pegawai.getPassword(), mapRolesToAuthority(pegawai.getRoles())); //return null;
  53.     }
  55.     @Override
  56.     public Employee save(EmpRegistrationDTO empRegistrationDTO) {
  57.         // TODO Auto-generated method stub
  58.         Employee karyawan = new Employee(
  59.                 empRegistrationDTO.getFullName(),
  60.                 empRegistrationDTO.getEmail(),
  61.                 passwordEncoder.encode(empRegistrationDTO.getPassword()),
  62.                 Arrays.asList(new EmpRole("ROLE_USER")));
  63.         
  64.         return empRepDAO.save(karyawan); //return null;
  65.     }
  67.     @Override
  68.     public void simpanPembaruanData(Employee employee) {
  69.         // TODO Auto-generated method stub
  70.         employee.setPassword(passwordEncoder.encode(employee.getPassword()));
  71.         
  72.         this.empRepDAO.save(employee);
  73.     }
  74.     
  75.     private Collection<? extends GrantedAuthority> mapRolesToAuthority(Collection<EmpRole> roles) {
  76.         // TODO Auto-generated method stub
  77.         return roles.stream().map(role -> new SimpleGrantedAuthority(role.getNamaRole())).collect(Collectors.toList());
  78.     }
  80.     //PART POJOK KARYAWAN
  81.     @Override
  82.     public List<Employee> getAllEmployees() {
  83.         // TODO Auto-generated method stub
  84.         return empRepDAO.findAll(); //return null;
  85.     }
  87.     @Override
  88.     public Employee getEmployeeById(long id) {
  89.         // TODO Auto-generated method stub
  90.         Optional<Employee> optEmp = empRepDAO.findById(id);
  91.         Employee empl = null;
  92.         
  93.         if (optEmp.isPresent()) {
  94.             empl = optEmp.get();
  95.         } else {
  96.             throw new RuntimeException("Karyawan dengan emp_id '" + id + "' tidak bisa ditemukan");
  97.         }
  98.         
  99.         return empl; //return null;
  100.     }
  102.     @Override
  103.     public void deleteEmployeeById(long id) {
  104.         // TODO Auto-generated method stub
  105.         this.empRepDAO.deleteById(id);
  106.     }
  108.     @Override
  109.     public Page<Employee> findPaginated(int pageNo, int pageSize, String sortField, String sortAscOrDesc) {
  110.         // TODO Auto-generated method stub
  111.         Sort runut = sortAscOrDesc.equalsIgnoreCase(Sort.Direction.ASC.name()) ? Sort.by(sortField).ascending() : Sort.by(sortField).descending();
  112.         
  113.         Pageable pageable = PageRequest.of(pageNo - 1, pageSize, runut);
  114.         
  115.         return this.empRepDAO.findAll(pageable); //return null;
  116.     }
  117. }

这是application.properties

  1. # DATASOURCE (DataSourceAutoConfiguration & DataSourceProperties)
  2. spring.datasource.url=jdbc:postgresql://localhost:5432/myDB
  3. spring.datasource.username=[POSTGRES_LOGIN]
  4. spring.datasource.password=[POSTGRES_PASSWORD]
  5. spring.datasource.driver-class-name=org.postgresql.Driver
  7. # The PostgreSQL dialect makes Hibernate generate better Postgresql for the chosen databse
  8. spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
  10. # Hibernate ddl auto (create, create-drop, validate, update, none --> 'default')
  11. spring.jpa.hibernate.ddl-auto=update
  13. # Prepare logging-time system for Spring-Boot engine & will print logs in console (also work as work-level to monitor generated HQL in console)
  14. logging.level.org.hibernate.sql=debug
  15. logging.level.org.hibernate.type=trace
  16. #spring.jpa.show-sql=true
  18. # Default user login and password for spring security web login page (if spring security is enabled)
  19. #spring.security.user.name=spring
  20. #spring.security.user.password=spring123 
  21. #spring.security.user.roles=USER
  23. spring.main.allow-bean-definition-overriding=true
  24. #spring.main.allow-circular-references=true
ubuntu

1条答案

按热度按时间
lymnna71

lymnna711#

您可以通过将密码编码器的工厂方法设置为静态来打破这种循环:

  1. @Bean
  2. public static BCryptPasswordEncoder passwordEncoder() {
  3.     return new BCryptPasswordEncoder();
  4. }

这样,密码编码器的创建就不再依赖于被示例化的配置类的示例。

赞(0)分享  回复(0)举报  2023-10-17
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com