我正在尝试配置我的spring安全应用程序。
我想创建我自己的UserDetailsService.
我这样做:
public class ApplicationUserService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
return this.someUser();
}
}
我有两种方法来添加这个UserService到Spring Security
- 添加到配置类中。像这样:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
@Override
protected UserDetailsService userDetailsService() {
return applicationUserService;
}
}
- 或者在我的类上添加@Component或@Service的注释。当我只选择1种方式时,一切都很好,但我有一个问题:为什么当我试图使用这两种变体(添加@Service和添加@Bean配置)没有任何工作?我没有得到异常,错误或类似的东西在控制台:
2021-09-11 17:26:16.755 INFO 15819 --- [ main] com.example.test.TestApplication : Starting TestApplication using Java 16.0.2 on aleksander-MS-7A71 with PID 15819 (/home/aleksander/programming/java/4fun/test/target/classes started by aleksander in /home/aleksander/programming/java/4fun/test)
2021-09-11 17:26:16.756 INFO 15819 --- [ main] com.example.test.TestApplication : No active profile set, falling back to default profiles: default
2021-09-11 17:26:17.402 INFO 15819 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2021-09-11 17:26:17.409 INFO 15819 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2021-09-11 17:26:17.409 INFO 15819 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.52]
2021-09-11 17:26:17.442 INFO 15819 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2021-09-11 17:26:17.442 INFO 15819 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 630 ms
2021-09-11 17:26:17.555 INFO 15819 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Will secure any request with [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@6981f8f3, org.springframework.security.web.context.SecurityContextPersistenceFilter@38bb9d7a, org.springframework.security.web.header.HeaderWriterFilter@62db3891, org.springframework.security.web.authentication.logout.LogoutFilter@48528634, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@80bfdc6, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@78d6447a, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5e65afb6, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@623dcf2a, org.springframework.security.web.session.SessionManagementFilter@2819c460, org.springframework.security.web.access.ExceptionTranslationFilter@6f49d153, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@60bbacfc]
2021-09-11 17:26:17.676 INFO 15819 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
2021-09-11 17:26:17.682 INFO 15819 --- [ main] com.example.test.TestApplication : Started TestApplication in 1.215 seconds (JVM running for 1.794)
按照您描述问题的方式,除非您定义了bean首选项,否则应用程序肯定会抛出异常。
第一个例子:基本上,UserDetailsService是一个interface,您通过将bean声明为
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
@Override
protected UserDetailsService userDetailsService() {
return new ApplicationUserService();
}
}
第二个案例:您希望通过使用@Service或@Component注释声明另一个bean来检查行为,如下所示
@Service
public class ApplicationUserService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
return new UserDetails();
}
}
如果你试图同时使用上述情况,它将不起作用。这种情况非常简单,您向spring容器提供了两个类型为UserDetailsService的bean,因此它将无法确定应该使用哪一个。
如果你想检查两种情况下的行为,你必须为bean设置优先级,所以在这种情况下,你可以用@Primary注释标记其中一个bean。
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Primary
@Bean
@Override
protected UserDetailsService userDetailsService() {
return new ApplicationUserService();
}
}