我正在开发一个弹簧启动、购物车应用程序。一切似乎都正常,与 mysql 的连接正常,JDBC 已加载,但我总是会遇到异常,我找不到解决方案。
界面 UserDetailsService似乎无法正常工作。我必须说,尽管我使用不推荐使用的休眠方法查询分页结果。这可能是原因吗?经过数小时的搜索,我们将不胜感激。我不知道谢谢....
例外:
2018-03-19 18:44:23.192 WARN 10956 --- [main]
ConfigServletWebServerApplicationContext :
Exception encountered during context initialization - cancelling
refresh attempt:
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'webSecurityConfig':
Unsatisfied dependency expressed through field 'userDetailsService';
nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'userDetailsService':
Unsatisfied dependency expressed through field 'accountDAO';
nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'accountDAO':
Unsatisfied dependency expressed through field 'sessionFactory';
nested exception is
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'sessionFactory'
defined in com.maxmaxy.mangoshop.SpringBootMangoShopApplication:
Bean instantiation via factory method failed;
nested exception is
org.springframework.beans.BeanInstantiationException:
Failed to instantiate [org.hibernate.SessionFactory]:
Factory method 'getSessionFactory' threw exception;
nested exception is org.hibernate.MappingException:
Failed to scan classpath for unlisted classes
Pom.xml:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.RELEASE</version>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-
8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>commons-validator</groupId>
<artifactId>commons-validator</artifactId>
<version>1.6</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
网络安全配置:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import
org.springframework.security.config.annotation.authentication.builders.
AuthenticationManagerBuilder;
import
org.springframework.security.config.annotation.web.builders.
HttpSecurity;
import
org.springframework.security.config.annotation.web.configuration.
WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.
BCryptPasswordEncoder;
import com.maxmaxy.mangoshop.service.UserDetailsServiceImpl;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsServiceImpl userDetailsService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws
Exception {
// Set service to find User in the database & set password encoder
BCryptPasswordEncoder bcryptPasswordEncoder = new
BCryptPasswordEncoder();
auth.userDetailsService(userDetailsService).passwordEncoder
(bcryptPasswordEncoder);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
//Requires login with role EMPLOYEE or MANAGER. If not, will
redirect to /admin/login
http.authorizeRequests()
.antMatchers("/admin/orderList","/admin/order",
"/admin/accountInfo")
.access("hasAnyRole('ROLE_EMPLOYEE', 'ROLE_MANAGER'");
// Pages only for Manager
http.authorizeRequests().antMatchers("/admin/product")
.access("hasRole('ROLE_MANAGER')");
// When user login, role XX accessDeniedException
http.authorizeRequests().and().exceptionHandling()
.accessDeniedPage("/403");
//Configuration for login form
http.authorizeRequests().and().formLogin()
// Submit the Url
.loginProcessingUrl("/j_spring_security_check")
.loginPage("/admin/login")
.defaultSuccessUrl("/admin/accountInfo")
.failureUrl("/admin/login?error=true")
.usernameParameter("userName")
.passwordParameter("password")
// Configuration for the logout page
.and().logout().logoutUrl("/admin/logout")
.logoutSuccessUrl("/");
}
}
UserDetailsServiceImpl:
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority
.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails
.UserDetailsService;
import org.springframework.security.core.userdetails
.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import com.maxmaxy.mangoshop.dao.AccountDAO;
import com.maxmaxy.mangoshop.entity.Account;
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private AccountDAO accountDAO;
@Override
public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException {
Account account = accountDAO.findAccount(username);
System.out.println("Account= " + account);
if (account == null) {
throw new UsernameNotFoundException("User " //
+ username + " was not found in the database");
}
// EMPLOYEE,MANAGER,..
String role = account.getUserRole();
List<GrantedAuthority> grantList =
new ArrayList<GrantedAuthority>();
// ROLE_EMPLOYEE, ROLE_MANAGER
GrantedAuthority authority = new SimpleGrantedAuthority(role);
grantList.add(authority);
boolean enabled = account.isActive();
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
UserDetails userDetails = (UserDetails) new
User(account.getUserName(), //
account.getEncryptedPassword(), enabled, accountNonExpired,
credentialsNonExpired, accountNonLocked, grantList);
return userDetails;
}
}
最后提到的异常中的类 AccountDAO:
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
import com.maxmaxy.mangoshop.entity.Account;
@Transactional
@Repository
public class AccountDAO {
@Autowired
private SessionFactory sessionFactory;
public Account findAccount(String userName) {
Session session = this.sessionFactory.getCurrentSession();
return session.find(Account.class, userName);
}
}