Arian Hosseinzadeh:
En mi aplicación de arranque primavera, tengo las dos clases siguientes:
@EnableWebSecurity
public class AppSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationFilter jwtAuthenticationFilter;
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// TODO re-enable csrf after dev is done
.csrf()
.disable()
// we must specify ordering for our custom filter, otherwise it
// doesn't work
.addFilterAfter(jwtAuthenticationFilter,
UsernamePasswordAuthenticationFilter.class)
// we don't need Session, as we are using jwt instead. Sessions
// are harder to scale and manage
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
y:
@Component
public class JwtAuthenticationFilter extends
AbstractAuthenticationProcessingFilter {
/*
* we must set authentication manager for our custom filter, otherwise it
* errors out
*/
@Override
@Autowired
public void setAuthenticationManager(
AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}
}
JwtAuthenticationFilterdepende de un AuthenticationManagerfrijol a través de su setAuthenticationManagermétodo, sino que el frijol se crea en la AppSecurityConfigque ha JwtAuthenticationFilterautowired en. Todo esto crea una dependencia circular. ¿Cómo debo resolver este problema?
Arian Hosseinzadeh:
He arreglado este problema siguiendo lo que se sugiere aquí: No se puede pasar a AuthenticationManager filtro personalizado por @Autowired
Quité @Componentde JwtAuthenticationFiltery en lugar de autowiring JwtAuthenticationFiltera WebSecurityConfigclase, he definido el grano de allí:
@Bean
public JwtAuthenticationFilter JwtAuthenticationFilter() {
return new JwtAuthenticationFilter();
}