6

大家好,我是 spring security 和 jwt 的新手。我在我的 Spring Boot 项目中实现 Jwt 以保护用户登录,我使用的是 Spring Boot 2.1.5,我对 Spring Boot 2+ 中的新 bean 限制了解不多。我需要一些帮助..在这里我正在尝试@Autowired UserDetailsS​​ervice 并且代码运行良好..结果也很好..但intellij显示错误

@Autowired UserDetailsS​​ervice jwtUserDetailsS​​ervice

说...无法自动装配。UserDetailsS​​ervice 类型的 bean 不止一种。

谁能解释一下这里发生了什么错误,为什么我不能自动装配,为什么以及 spring boot 2+ 中的 Autowired 限制是什么?

并提前感谢

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurity extends WebSecurityConfigurerAdapter {

    @Autowired
    private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private JwtFilter jwtFilter;

    @Autowired
    private UserDetailsService jwtUserDetailsService; // here i got error only

    @Autowired
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(jwtUserDetailsService).passwordEncoder(passwordEncoder);
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.authorizeRequests().antMatchers("/api/user/add", "/generate").permitAll().anyRequest().authenticated().and()            .exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint)
                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
    }
}

我的 customUserDetailService 是

@Service
public class JwtUserDetailService implements UserDetailsService {

    @Autowired
    private UserRepository userRepository;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userRepository.findByUsername(username);
        if (user != null) {
            return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), new ArrayList<>());
        } else {
            throw new UsernameNotFoundException("Username does't exists");
        }

    }
}

我的 JwtController 类,它公开了重新结束点以生成 jwt 令牌


@CrossOrigin
@RestController
public class JwtController {

    @Autowired
    private JwtUtils jwtUtils;

    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired
    private JwtUserDetailService jwtUserDetailService;

    @PostMapping(value = "/generate")
    public ResponseEntity<?> generateToken(@RequestBody JwtRequest jwtRequest) throws Exception {
        try {
            authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(jwtRequest.getUsername(),
                    jwtRequest.getPassword()));
        } catch (DisabledException e) {
            throw new Exception("USER_DISABLED", e);
        } catch (BadCredentialsException e) {
            throw new Exception("INVAILD_CREDENTIALS", e);
        }
        final UserDetails userDetails = jwtUserDetailService.loadUserByUsername(jwtRequest.getUsername());
        final String token = jwtUtils.generateToken(userDetails);

        return ResponseEntity.ok(new JwtResponse(token));
    }
}

我的 JwtFilter 类

@Component
public class JwtFilter extends OncePerRequestFilter {

    @Autowired
    private JwtUserDetailService jwtUserDetailService;

    @Autowired
    private JwtUtils jwtUtils;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws ServletException, IOException {

        final String requestTokenHeader = request.getHeader("Authorization");

        String username = null;
        String jwtToken = null;

        if (requestTokenHeader != null && requestTokenHeader.startsWith("Bearer ")) {
            jwtToken = requestTokenHeader.substring(7);
            try {
                username = jwtUtils.getUsernameFromToken(jwtToken);
            } catch (IllegalArgumentException e) {
                System.out.println("Unable to get JWT Token");
            } catch (ExpiredJwtException e) {
                System.out.println("JWT Token has expired");
            }
        } else {
            logger.warn("JWT Token does not begin with Bearer String");
        }

        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {

            UserDetails userDetails = this.jwtUserDetailService.loadUserByUsername(username);

            if (jwtUtils.validate(jwtToken, userDetails)) {

                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(
                        userDetails, null, userDetails.getAuthorities());
                usernamePasswordAuthenticationToken
                        .setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
               SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            }
        }
        chain.doFilter(request, response);
    }

}

其他正常的东西,如实体、存储库和一些安全的重新发送点

4

3 回答 3

4

UserDetailsS​​ervice 由 spring 提供。要自动装配,您需要对其进行配置。

@Bean
public UserDetailsService getUserDetails(){
   return new JwtUserDetailService(); // Implementation class
}

如果您对 Bean 配置不感兴趣。您可以直接自动装配 JwtUserDetailService。

@Autowired
private JwtUserDetailService jwtUserDetailsService;
于 2019-06-21T11:36:21.437 回答
3

我在另一个上下文中遇到了同样的错误。原因是 Idea 不知道要使用哪个 'UserDetailsS​​ervice' 类型的 bean。我的解决方案是通过注释Qualifier

@Qualifier("beanNameWhichYouWantUse")
@Autowired
private UserDetailsService jwtUserDetailsService;

如果使用 Idea: 在错误上给出鼠标点,请从上下文菜单中选择:

"More actions" -> "Add qualifier"

在此处输入图像描述

最后选择bean

于 2020-12-01T08:13:22.977 回答
0

您可以将此代码放在 application.properties 中:

spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration
于 2021-10-07T21:41:02.617 回答