1

尝试用 Spring MVC 和 Spring Security 做一些实验:

@Controller
@RequestMapping("/auth")
public class AuthController {   
    @Autowired
    // @Qualifier("userDetailsService") - tried adding this
    private MyUserDetailsService userDetailsService;
    ...
}

// @Scope("singleton") - tried adding this
@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {
    ...
}

我拥有的完整 context.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context-3.0.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <!-- ORIGINAL springmvc-servlet.xml -->
    <mvc:annotation-driven />
    <mvc:resources mapping="/static/**" location="/static/" />

    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
        <property name="prefix" value="/WEB-INF/jsp/"></property>
        <property name="suffix" value=".jsp"></property>
    </bean>

    <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter" />
    <bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping" />

    <context:annotation-config />
    <context:component-scan base-package="com.xxxxxxxxx" />
    <!-- end ORIGINAL springmvc-servlet.xml -->

    <!-- FROM springmvc-security.xml -->
    <security:global-method-security secured-annotations="enabled">
    </security:global-method-security>

    <security:http auto-config="true" access-denied-page="/auth/denied">
        <security:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>        
        <security:intercept-url pattern="/user/*" access="ROLE_USER"/>
        <security:intercept-url pattern="/auth/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:intercept-url pattern="/auth/register" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:form-login login-page="/auth/login" authentication-failure-url="/auth/login?login_error=true" default-target-url="/user"/>
        <security:logout logout-url="/auth/logout" logout-success-url="/" invalidate-session="true"/>
        <security:openid-login authentication-failure-url="/login?login_error=t" user-service-ref="openIdUserDetailsService" />
    </security:http>

    <security:authentication-manager>
        <security:authentication-provider user-service-ref="userDetailsService" />
    </security:authentication-manager>
    <!-- end FROM springmvc-security.xml -->    
</beans>

出于某种原因,创建了 2 个实例MyUserDetailsService。第一个由 Spring Security 使用,第二个被注入到AuthController. 如果我想要一个实例,那么正确的方法是MyUserDetailsService什么?

4

2 回答 2

1

您没有显示足够的配置来确定,但我敢打赌,您对如何在 Spring MVC 应用程序中管理 Spring ApplicationContexts 感到困惑。我对关于同一问题的另一个问题的回答几乎可以肯定是您需要阅读的内容:

在父上下文与子上下文中声明 Spring Bean

您很可能已经在应用程序的根上下文和子上下文中声明了您的服务 bean(显式或使用组件扫描)。作为一个服务 bean,它应该只存在于根上下文中。您还可以从阅读此答案中受益:

Spring XML 文件配置层次结构帮助/说明

于 2012-05-29T06:22:09.550 回答
0

这个配置对我有用:

<security:authentication-manager>
<security:authentication-provider user-service-ref="userService">


<bean id="userService" class="com.mydomain.service.UserDetailsServiceImpl" />

这里有一个教程

于 2012-05-29T06:21:59.643 回答