spring-security Spring Security循环依赖关系用户详细信息[重复]

c7rzv4ha  于 2022-11-11  发布在  Spring
关注(0)|答案(1)|浏览(192)

此问题在此处已有答案

I can't update my webapp to Spring Boot 2.6.0 (2.5.7 works but 2.6.0 doesn't)(4个答案)
上个月关门了。
我正在开发一个Sping Boot 应用程序。我必须为两个管理员用户创建凭据。我正在处理Spring Security。遇到循环依赖错误。在不包括Spring Security的情况下,我用post api测试了其他url。它工作正常。但无法理解此错误。
安全配置文件

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(encodePWD());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();

        http.authorizeRequests().antMatchers("/rest/auth/**").authenticated().anyRequest().permitAll().and()
                .authorizeRequests().antMatchers("/secure/rest/**").authenticated().anyRequest().hasAnyRole("ADMIN").and()
                .formLogin().permitAll();

    }

    @Bean
    public BCryptPasswordEncoder encodePWD() {
        return new BCryptPasswordEncoder();
    }
}

获取此错误

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2022-10-04 11:59:31.338[0;39m [31mERROR[0;39m [35m5733[0;39m [2m---[0;39m [2m[  restartedMain][0;39m [36mo.s.b.d.LoggingFailureAnalysisReporter  [0;39m [2m:[0;39m 

***************************

APPLICATION FAILED TO START

***************************

Description:

The dependencies of some of the beans in the application context form a cycle:

┌─────┐
|  securityConfig (field private org.springframework.security.core.userdetails.UserDetailsService strictly.cinema.config.SecurityConfig.userDetailsService)
↑     ↓
|  inMemoryUserDetailsManager defined in class path resource [org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.class]
└─────┘

Action:

Relying upon circular references is discouraged and they are prohibited by default. Update your application to remove the dependency cycle between beans. As a last resort, it may be possible to break the cycle automatically by setting spring.main.allow-circular-references to true.
gdrx4gfi

gdrx4gfi1#

我遇到过同样的问题,如果您使用的是SpringBoot 2.6.x或更高版本,可能会对您有所帮助
请查看spring-cyclic-dependencies,您会发现以下描述
SpringBoot 2.6.x不推荐使用循环依赖,这是个好消息,SpringBoot正在逐步引导开发者自下而上编写标准代码,但也有个坏消息,循环依赖使用得太广泛了。
如果您从低版本升级到2.6.x,那么您可能遇到的第一个问题是循环依赖问题。

最简单的方法是在全局配置文件中允许循环引用,该属性的默认值为false,显示声明为true,可以避免项目启动控制台出现循环引用异常。
因此,请在yaml配置文件中添加以下代码

spring:
  main:
    allow-circular-references: true

相关问题