我需要在注册成功后自动登录。java.lang.StackOverflowError : null,但在通过 Postman 测试我的代码时得到了。控制器类:@RestControllerpublic class RegistrationController { @Autowired private UserService userService; @Autowired private AuthenticationManager authenticationManager; @PostMapping("/api/user/registration") public ResponseEntity registerNewUserAccount( @RequestBody @Valid RegistrationDto userDto, HttpServletRequest request){ userService.save(userDto); authenticateUser(userDto, request); return ResponseEntity.ok().build(); } private void authenticateUser(RegistrationDto userDto, HttpServletRequest request){ String username = userDto.getEmailAddress(); String password = userDto.getPassword(); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password); request.getSession(); token.setDetails(new WebAuthenticationDetails(request)); Authentication authenticatedUser = authenticationManager.authenticate(token); SecurityContextHolder.getContext().setAuthentication(authenticatedUser); }}安全配置类:@Configuration@EnableWebSecuritypublic class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { super.configure(auth); } @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .anyRequest().permitAll() .and() .csrf().disable(); } @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Bean public BCryptPasswordEncoder cryptPasswordEncoder(){ return new BCryptPasswordEncoder(); }}我知道StackOverflowError并且我猜测AuthenticationManagerBuilder或者authenticationManagerBean应该导致这个问题。
1 回答
摇曳的蔷薇
TA贡献1793条经验 获得超6个赞
您的猜测是正确的:) 您应该AuthenticationManager正确配置。您引用的链接没有明确表明这一点。
配置它的方法有很多种:显式提供 的实现AuthenticationManager,或者配置将创建 的构建器AuthenticationManager,或者AuthenticationManager通过 XML 进行配置等。下面是配置它的多种可能方法中的 2 种。
1.提供自己的AuthenticationManager
对于某些真正的身份验证,您可以实现AuthenticationManager基于 LDAP 或 JDBC 的身份验证。为了演示这个想法,这里有一个虚拟实现,足以使您的代码运行。
public class DummyAuthenticationManager implements AuthenticationManager {
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// Dummy implementation. We don't check anything here.
return authentication;
}
}
在您SecurityConfiguration创建它的实例,如下所示:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return new DummyAuthenticationManager();
}
...
}
通过这些更改,您的代码将运行,并且您可以继续逐步扩展它。
2.使用AuthenticationManagerBuilder
AuthenticationManager您可以配置AuthenticationManagerBuilder将为您构建AuthenticationManager所需的内容,而不是实现。
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user1").password("password1").roles("USER").and()
.withUser("user2").password("password2").roles("USER").and()
.withUser("admin").password("password3").roles("USER", "ADMIN");
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManager();
}
...
}
通过这些更改,您的代码将运行,并且您可以继续逐步扩展它。例如,对于实际的东西,inMemoryAuthentication()您可以使用ldapAuthentication()或jdbcAuthentication()或其他一些配置器。
添加回答
举报
0/150
提交
取消