自定义 AuthenticationProvider ,UserDetailsService的实现类@Autowired 为null
项目场景:
整合spring security OAuth2自定义AuthenticationProvider 登录认证 签发token
问题描述:
在自定义 AuthenticationProvider 时 发现UserDetailsService 的实现类 UserService 一直注入不进去,为null
自定义 AuthenticationProvider 通过 username直接登录
package com.example.sso.provider;
import com.example.sso.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
@Slf4j
public class UsernameAuthenticationProvider implements AuthenticationProvider {
@Autowired
UserService userService;
public UsernameAuthenticationProvider() {
log.info("UsernameAuthenticationProvider loading......");
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = (String) authentication.getPrincipal();
UserDetails user = userService.loadUserByUsername(username);
if (null != user) {
return new UsernamePasswordAuthenticationToken(user, authentication.getCredentials(), user.getAuthorities());
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
}
解决办法,看最后三组代码
重写
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(usernameAuthenticationProvider());
auth.userDetailsService(userService);
}
在该配置类,注入UserDetailsService的实现类UserService,并将其设置到AuthenticationManagerBuilder 中。
然后将自定义的 UsernameAuthenticationProvider 在此实例化。然后将其注入到 AuthenticationManagerBuilder 中,他是用来管理所有的provider的
package com.example.sso.config;
import com.example.sso.provider.UsernameAuthenticationProvider;
import com.example.sso.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfigure extends WebSecurityConfigurerAdapter {
//对外放开某些接口
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/login/getUser");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests()
.antMatchers("/**").authenticated().anyRequest().authenticated();//所有请求都需要验证
// .anyRequest().permitAll(); //其他所有请求都不需要验证
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Autowired
UserService userService;
@Bean
public UsernameAuthenticationProvider usernameAuthenticationProvider() {
return new UsernameAuthenticationProvider();
}
//添加自定义的provider
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(usernameAuthenticationProvider());
auth.userDetailsService(userService);
}
}
本文来自博客园,作者:好事的猫,转载请注明原文链接:https://www.cnblogs.com/BeiJiuGuRen/p/15828564.html
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek “源神”启动!「GitHub 热点速览」
· 我与微信审核的“相爱相杀”看个人小程序副业
· 上周热点回顾(2.17-2.23)
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· 如何使用 Uni-app 实现视频聊天(源码,支持安卓、iOS)