版权声明:本文为博主原创文章,未经博主credreamer 允许不得转载 违者追究法律责任。 https://blog.csdn.net/lidew521/article/details/82180972
醉了,一般这个注入不都是在类顶上注入嘛,这个可好,跑到
ScAuthApplication 中去注入了。。搞了半天,也记录一下吧
1.首先我在这个类中用到了:
E:\IdeaWkSpace\SmartCommunity\sc-auth\src\main\java\cn\gov\rongcheng\scauth\security\WebSecurityConfig.java
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
// 使用自定义身份验证组件
auth.authenticationProvider(new CustomAuthenticationProvider(userDetailsService,bCryptPasswordEncoder));
}但是微服务启动报错,错误如标题:
package cn.gov.rongcheng.scauth.security;
import cn.gov.rongcheng.scauth.filter.JWTAuthenticationFilter;
import cn.gov.rongcheng.scauth.filter.JWTLoginFilter;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.core.userdetails.UserDetailsService;
/**
* SpringSecurity的配置
* 通过SpringSecurity的配置,将JWTLoginFilter,JWTAuthenticationFilter组合在一起
* @author LiuWenhao on 2018/05/28.
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private UserDetailsService userDetailsService;
private BCryptPasswordEncoder bCryptPasswordEncoder; //这里可以看到,根本没有注入啊,但是还能跑,刚开始我觉得就不对劲啊,去看了一下jar包,springsecurity 4.2.7,这个也挺奇怪,导入了两个,一个是springsecurity.core这个jar中有个
crypto,然后,还有一个独立的springsecurity.crypto的jar包,而且路径一样的,我就以为是jar冲突了,其实不是,这货,在启动类
E:\IdeaWkSpace\SmartCommunity\sc-auth\src\main\java\cn\gov\rongcheng\scauth\ScAuthApplication.java
这个里面,注入的。。。。。。奇葩用法,郁闷
public WebSecurityConfig(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
this.userDetailsService = userDetailsService;
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
}
// 设置 HTTP 验证规则AuthenticationProcessingFilter
@Override
protected void configure(HttpSecurity http) throws Exception {
// http.setHeader("Access-Control-Allow-Origin","*");
http.headers().frameOptions().disable();//解决 上传时iframe 'X-Frame-Options' to 'deny'.
http.cors().and().csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
// 所有 /users/signup 的POST请求 都放行
.antMatchers(HttpMethod.POST, "/api/common/imgSubmit","/api/common/imgDelete","/api/common/ueditor","/api/product/getall",
"/api/expert/getall","/api/humanService/getmessage","/api/common/imgUpdate","/api/Questionnaire/getallsport",
"/api/document/questionnairedetail","/api/Questionnaire/getallnutrition","/api/ClassroomOnline/getall","/api/logincount/selectUserCount",
"/api/logincount/loginCountAdd","/api/common/getIndexImage","/api/common/indexImgSubmit","/api/starDisplay/getall").permitAll()
.antMatchers(HttpMethod.GET, "/api/common/ueditor","/api/common/imgUpdate").permitAll()
// .antMatchers(HttpMethod.POST, "/api").permitAll()
.anyRequest().authenticated() // 所有请求需要身份认证
// .anyRequest().permitAll()
.and()
.addFilter(new JWTLoginFilter(authenticationManager()))
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
.logout() // 默认注销行为为logout,可以通过下面的方式来修改
.logoutUrl("/logout")
.logoutSuccessUrl("/login")
.permitAll();// 设置注销成功后跳转页面,默认是跳转到登录页面;
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
// 使用自定义身份验证组件
auth.authenticationProvider(new CustomAuthenticationProvider(userDetailsService,bCryptPasswordEncoder));
}
}
-------------------------------------------------------------
ScAuthApplication
package cn.gov.rongcheng.scauth;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@SpringBootApplication
public class ScAuthApplication {
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder(){ //这里注入了就可以了
return new BCryptPasswordEncoder();
}
public static void main(String[] args) {
SpringApplication.run(ScAuthApplication.class, args);
}
}