问题描述

我在调用 authenticationManger.authenticate()

java.lang.StackOverflowError: null atorg.apache.commons.logging.LogAdapter$Slf4jLog.isDebugEnabled(LogAdapter.java:300)~[spring-jcl-5.1.10.RELEASE.jar:5.1.10.RELEASE] 在org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:162)~[spring-security-core-5.1.6.RELEASE.jar:5.1.6.RELEASE] 在org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$AuthenticationManagerDelegator.authenticate(WebSecurityConfigurerAdapter.java:503)~[spring-security-config-5.1.6.RELEASE.jar:5.1.6.RELEASE]

我正在尝试在我的应用程序中实现 JWT.我已经创建了 JWTTOkenUtil、过滤器、控制器.但只有身份验证管理器不起作用.我也尝试过 CustomAuthenticationManger 但同样的错误.

I am trying to implement JWT in my application. I have created JWTTOkenUtil, Filter, Controller. But only Authentication manager is not working. I have tried with CustomAuthenticationManger as well but same error.

文件 AppConfig.java

    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    public class AppConfig  extends WebSecurityConfigurerAdapter{

    @Autowired
    private JwtUserDetailService jwtUserDetailService;

    @Autowired
    private JwtAuthenticationProvider jwtAuthenticationProvider;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(jwtAuthenticationProvider);

     //auth.userDetailsService(jwtUserDetailService).passwordEncoder(passwordEncoder());
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests().antMatchers("/version").permitAll()
            .anyRequest().authenticated()
            .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.addFilterBefore(jwtRequestFilter(), UsernamePasswordAuthenticationFilter.class);
    }

    @Bean
    public JwtRequestFilter jwtRequestFilter() {
            return new JwtRequestFilter();
    }
}

推荐答案

authenticationManager()和WebSecurityConfigurerAdapter的authenticationManagerBean()是两个不同的方法，并且您正在调用超类的 authenticationManagerBean() 方法，据我所知，这取决于 authenticationManager() 方法.这反过来会创建方法的循环调用，最终导致 StackOverflowError 异常.

authenticationManager() and authenticationManagerBean() of WebSecurityConfigurerAdapter are two different methods, and you are calling authenticationManagerBean() method of your super class, which, as far as I know, depends on authenticationManager() method. This, in return creates a cyclic calls of methods, which finally results in StackOverflowError exception.

您可以尝试不覆盖 AuthenticationManager authenticationManager() 方法，或者在这样做时返回一个可靠的实现.

You could try just not override AuthenticationManager authenticationManager() method, or return a solid implementation when doing so.

这篇关于为什么 AuthenticationManager 会抛出 StackOverflowError?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！