问题描述

我正在研究一个使用Spring-Security的Spring-MVC应用程序.在登录应用程序中，我必须使用2个登录网址

I am working on a Spring-MVC application which uses Spring-Security. In the application for login I have to use 2 login url's

• /j_spring_security_check_for_person 与
• /j_spring_security_check_for_group

• /j_spring_security_check_for_person AND
• /j_spring_security_check_for_group

登录URL均针对我实现了UserDetails和userDetailsS​​ervice的数据库进行检查.要连接这两个URL进行登录，我正在使用springSecurityFilterChain.不幸的是，它不起作用.由于存在两天的时间，我遇到了这个问题，我可能会犯一些愚蠢的错误.请检查日志和xml，

Both the login url's check against the database where I have implemented UserDetails and userDetailsService. To connect these both url's for login, I am using springSecurityFilterChain. Unfortunately, it is not working. I am at this problem since 2 days, I might be making some silly mistake. Kindly check the log and xml,

错误日志:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Could not resolve matching constructor (hint: specify index/type/name arguments for simple parameters to avoid type ambiguities)
    at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:239)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1114)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1017)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:302)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
    at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:28)
    at org.springframework.security.config.authentication.AuthenticationManagerFactoryBean.getObject(AuthenticationManagerFactoryBean.java:20)
    at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)

security-application-context.xml

security-application-context.xml

<security:http create-session="ifRequired" use-expressions="true"
               auto-config="true" disable-url-rewriting="true">
    <security:form-login login-page="/" default-target-url="/canvas/list"
               always-use-default-target="false"  authentication-failure-url="/denied.jsp" />
<security:logout logout-success-url="/" delete-cookies="JSESSIONID"
                     invalidate-session="true" logout-url="/j_spring_security_logout"/>
</security:http>



<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
        <security:filter-chain-map path-type="ant">
            <security:filter-chain pattern="/**" filters="authenticationProcessingFilterForPersonal, authenticationProcessingFilterForGroup"/>
        </security:filter-chain-map>
    </bean>


    <bean id="authenticationProcessingFilterForPersonal"
          class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManagerForPersonal"/>
        <property name="filterProcessesUrl" value="/j_spring_security_check_for_person" />
    </bean>

    <bean id="authenticationProcessingFilterForGroup"
          class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManagerForGroup"/>
        <property name="filterProcessesUrl" value="/j_spring_security_check_for_group"/>
    </bean>


    <bean id="authenticationManagerForPersonal" class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
            <list>
                <bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
                    <property name="userDetailsService">
                        <ref bean="userDetailsService"/>
                    </property>
                    <property name="passwordEncoder" ref="encoder"/>
                </bean>
            </list>
        </property>
    </bean>



    <bean id="authenticationManagerForGroup" class="org.springframework.security.authentication.ProviderManager">
        <property name="providers">
            <list>
                <bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
                    <property name="userDetailsService">
                        <ref bean="groupDetailsService"/>
                    </property>
                    <property name="passwordEncoder" ref="encoder"/>
                </bean>
            </list>
        </property>
    </bean>

    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider ref="authenticationManagerForPersonal"/>
        <security:authentication-provider ref="authenticationManagerForGroup"/>
    </security:authentication-manager>


    <beans:bean id="encoder"
                class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
        <beans:constructor-arg name="strength" value="11" />
    </beans:bean>

如果我用下面的代码片段替换身份验证管理器代码，则不会收到错误消息，但是2个登录网址未注册:

If I replace the authentication-manager code with the below snippet, I don't get an error, but the 2 login url's are not registered :

<security:authentication-manager alias="authenticationManager">
            <security:authentication-provider user-service-ref="userDetailsService">
                <security:password-encoder ref="encoder"/>
            </security:authentication-provider>
            <security:authentication-provider user-service-ref="groupDetailsService">
                <security:password-encoder ref="encoder"/>
            </security:authentication-provider>
        </security:authentication-manager>-->

推荐答案

authenticationManagerForPersonal和authenticationManagerForGroup的类型为ProviderManager.这是错误的.您必须将这些bean声明为DaoAuthenticationProvider类型.请仔细查看我的 spring security 配置.

authenticationManagerForPersonal and authenticationManagerForGroup are of bean type ProviderManager. This is wrong. You have to declare those beans as type DaoAuthenticationProvider.Please take a closer look at my spring security configuration.

这篇关于创建名称为AuthenticationManager的bean时出错的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！