创建名称为 AuthenticationManager 的 bean 时出错
Error creating bean with name AuthenticationManager
我正在开发一个使用 Spring-Security 的 Spring-MVC 应用程序。在登录申请中我必须使用 2 登录 url 的
- /j_spring_security_check_for_person
和
- /j_spring_security_check_for_group
登录名 url 都会检查我在其中实施了 UserDetails 和 userDetailsService 的数据库。要连接这两个 url 以进行登录,我正在使用 springSecurityFilterChain。不幸的是,它不起作用。我从 2 天开始就遇到这个问题,我可能犯了一些愚蠢的错误。请检查日志和xml,
错误日志:
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Could not resolve matching constructor (hint: specify index/type/name arguments for simple parameters to avoid type ambiguities)
at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:239)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1114)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1017)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475)
at org.springframework.beans.factory.support.AbstractBeanFactory.getObject(AbstractBeanFactory.java:302)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:28)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
安全应用程序-context.xml
<security:http create-session="ifRequired" use-expressions="true"
auto-config="true" disable-url-rewriting="true">
<security:form-login login-page="/" default-target-url="/canvas/list"
always-use-default-target="false" authentication-failure-url="/denied.jsp" />
<security:logout logout-success-url="/" delete-cookies="JSESSIONID"
invalidate-session="true" logout-url="/j_spring_security_logout"/>
</security:http>
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/**" filters="authenticationProcessingFilterForPersonal, authenticationProcessingFilterForGroup"/>
</security:filter-chain-map>
</bean>
<bean id="authenticationProcessingFilterForPersonal"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManagerForPersonal"/>
<property name="filterProcessesUrl" value="/j_spring_security_check_for_person" />
</bean>
<bean id="authenticationProcessingFilterForGroup"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManagerForGroup"/>
<property name="filterProcessesUrl" value="/j_spring_security_check_for_group"/>
</bean>
<bean id="authenticationManagerForPersonal" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="userDetailsService"/>
</property>
<property name="passwordEncoder" ref="encoder"/>
</bean>
</list>
</property>
</bean>
<bean id="authenticationManagerForGroup" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="groupDetailsService"/>
</property>
<property name="passwordEncoder" ref="encoder"/>
</bean>
</list>
</property>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticationManagerForPersonal"/>
<security:authentication-provider ref="authenticationManagerForGroup"/>
</security:authentication-manager>
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<beans:constructor-arg name="strength" value="11" />
</beans:bean>
如果我用下面的代码片段替换身份验证管理器代码,我不会收到错误,但是 2 个登录 url 没有注册:
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
<security:authentication-provider user-service-ref="groupDetailsService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
</security:authentication-manager>-->
如异常消息所示,您的 authenticationManagerForGroup 和 authenticationManagerForPersonal 配置无效。从类型签名和 JavaDoc 中可以发现,ProviderManager 将 AuthenticationManager 的列表作为构造函数参数,但是您将 AuthenticationManager 配置为 属性 个参数。
您应该可以通过将 <property name="providers"> 元素替换为 <constructor-arg> 来实现此功能。
authenticationManagerForPersonal 和 authenticationManagerForGroup 是 bean 类型 ProviderManager。这是错误的。您必须将这些 bean 声明为 DaoAuthenticationProvider 类型。
请仔细看看我的 配置。
我正在开发一个使用 Spring-Security 的 Spring-MVC 应用程序。在登录申请中我必须使用 2 登录 url 的
- /j_spring_security_check_for_person 和
- /j_spring_security_check_for_group
登录名 url 都会检查我在其中实施了 UserDetails 和 userDetailsService 的数据库。要连接这两个 url 以进行登录,我正在使用 springSecurityFilterChain。不幸的是,它不起作用。我从 2 天开始就遇到这个问题,我可能犯了一些愚蠢的错误。请检查日志和xml,
错误日志:
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Could not resolve matching constructor (hint: specify index/type/name arguments for simple parameters to avoid type ambiguities)
at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:239)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1114)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1017)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475)
at org.springframework.beans.factory.support.AbstractBeanFactory.getObject(AbstractBeanFactory.java:302)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:28)
at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
安全应用程序-context.xml
<security:http create-session="ifRequired" use-expressions="true"
auto-config="true" disable-url-rewriting="true">
<security:form-login login-page="/" default-target-url="/canvas/list"
always-use-default-target="false" authentication-failure-url="/denied.jsp" />
<security:logout logout-success-url="/" delete-cookies="JSESSIONID"
invalidate-session="true" logout-url="/j_spring_security_logout"/>
</security:http>
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/**" filters="authenticationProcessingFilterForPersonal, authenticationProcessingFilterForGroup"/>
</security:filter-chain-map>
</bean>
<bean id="authenticationProcessingFilterForPersonal"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManagerForPersonal"/>
<property name="filterProcessesUrl" value="/j_spring_security_check_for_person" />
</bean>
<bean id="authenticationProcessingFilterForGroup"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManagerForGroup"/>
<property name="filterProcessesUrl" value="/j_spring_security_check_for_group"/>
</bean>
<bean id="authenticationManagerForPersonal" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="userDetailsService"/>
</property>
<property name="passwordEncoder" ref="encoder"/>
</bean>
</list>
</property>
</bean>
<bean id="authenticationManagerForGroup" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="groupDetailsService"/>
</property>
<property name="passwordEncoder" ref="encoder"/>
</bean>
</list>
</property>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticationManagerForPersonal"/>
<security:authentication-provider ref="authenticationManagerForGroup"/>
</security:authentication-manager>
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<beans:constructor-arg name="strength" value="11" />
</beans:bean>
如果我用下面的代码片段替换身份验证管理器代码,我不会收到错误,但是 2 个登录 url 没有注册:
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
<security:authentication-provider user-service-ref="groupDetailsService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
</security:authentication-manager>-->
如异常消息所示,您的 authenticationManagerForGroup 和 authenticationManagerForPersonal 配置无效。从类型签名和 JavaDoc 中可以发现,ProviderManager 将 AuthenticationManager 的列表作为构造函数参数,但是您将 AuthenticationManager 配置为 属性 个参数。
您应该可以通过将 <property name="providers"> 元素替换为 <constructor-arg> 来实现此功能。
authenticationManagerForPersonal 和 authenticationManagerForGroup 是 bean 类型 ProviderManager。这是错误的。您必须将这些 bean 声明为 DaoAuthenticationProvider 类型。
请仔细看看我的