无法将DaoAuthenticationConfigurer应用于已构建的对象

我得到了这个例外: 

[WARN] org.springframework.web.context.support.GenericWebApplicationContext - Exception encountered during context initialization - cancelling refresh attempt org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'accountResource': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private io.ilopezluna.japanathome.service.UserService io.ilopezluna.japanathome.web.rest.AccountResource.userService; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userService': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private org.springframework.security.crypto.password.PasswordEncoder io.ilopezluna.japanathome.service.UserService.passwordEncoder; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityConfiguration': Injection of autowired dependencies failed; nested exception is java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer@54aa5730 to already built object at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:293) ~[spring-beans-4.0.7.RELEASE.jar:4.0.7.RELEASE] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1186) ~[spring-beans-4.0.7.RELEASE.jar:4.0.7.RELEASE]

您可以在https://travis-ci.org/ilopezluna/japan-at-home/builds/37866955上查看更多信息

在执行测试期间抛出此exception。 但我无法在我的本地主机上重现它,我总是获得成功:S

我花了两天时间,但我相信我终于解决了这个问题。 在我的SecurityConfiguration类中,我有以下方法: 

 @Configuration @EnableWebMvcSecurity @EnableGlobalMethodSecurity(jsr250Enabled=true, prePostEnabled=true) public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(authenticationService); } }

我用configureGlobal方法替换了configure方法: 

  @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(authenticationService); }

现在一切正常。

根据这个答案 ,区别在于使用configureGlobal将允许AuthenticationManager通过全局方法安全性或另一个HttpSecurity(WebSecurityConfigurerAdapter)。

如您所见,我正在启用Web Mvc Security和全局方法安全性。 根据我的unit testing,两者都继续使用这个改变,但是我的办公室在这里有一些关于这个改变是否正确的辩论(即,是否正确配置全局方法安全性),或者是否存在另一个问题解。

我们认为问题的根本原因是某种类型的Spring bug,可能是竞争条件。 尽管看起来不太可能,但只有在我们向项目中添加一个空类时,问题才会显现出来,这个类的包或名称是什么并不重要。

Interesting Posts