问题:
Spring Security 3.1 JPA-空指针异常
杨波娃
我是一个Spring新手,面临着Spring Security性的问题。
我正在尝试实现一个自定义UserDetailsService,用于用户检索,并在访问UserService对象时获得一个空指针异常。我正在自动连接这个对象。当在其他控制器和服务方法上完成时,autowirng可以正常工作,但是由于某些原因,它在这里不工作,因此当访问autowired对象(UserService)时,我会得到null指针异常。
我真的很感谢你在这方面的帮助。
异常堆栈跟踪:
java.lang.NullPointerException
java.lang.NullPointerException
at com.contact.list.service.CustomUserDetailsService.loadUserByUsername(CustomUserDetailsService.java:37)
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:81)
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:132)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at com.springsource.insight.collection.tcserver.request.HttpRequestOperationCollectionValve.invoke(HttpRequestOperationCollectionValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)
CustomUserDetails服务类:
package com.contact.list.service;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Configurable;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.context.support.GenericXmlApplicationContext;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Repository;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.contact.list.form.Role;
import com.contact.list.repository.UserRepository;
@Service
@Transactional(readOnly = true)
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserService userService;
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
try{
com.contact.list.form.User domainuser = userService.findByUsername(username);
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new User(domainuser.getUsername(),
domainuser.getPassword().toLowerCase(),
enabled,accountNonExpired,
credentialsNonExpired,
accountNonLocked,
getAuthorities(domainuser.getRoles())
);
}catch (Exception e){
System.out.println(e);
e.printStackTrace();
throw new RuntimeException(e);
}
}
public Collection<? extends GrantedAuthority> getAuthorities(List<Role> roles){
List<GrantedAuthority> authList = getGrantedAuthorities(getroles(roles));
return authList;
}
public static List<GrantedAuthority> getGrantedAuthorities(List<String> userroles){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for(String userrole:userroles){
authorities.add(new SimpleGrantedAuthority(userrole));
}
return authorities;
}
public List<String> getroles(List<Role> roles){
List<String> userroles = new ArrayList<String>();
for (Role role : roles){
if(role.getRole() == 1){
userroles.add("ROLE_USER");
}
if(role.getRole() == 2){
userroles.add("ROLE_ADMIN");
}
}
return userroles;
}
}
用户服务接口:
package com.contact.list.service;
import java.util.List;
import com.contact.list.form.Contact;
import com.contact.list.form.User;
public interface UserService {
public List<User> findAll();
public void save(User user);
public User findByUsername(String username);
}
UserService实现类:
package com.contact.list.service;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.contact.list.form.Contact;
import com.contact.list.form.User;
import com.contact.list.repository.UserRepository;
import com.google.common.collect.Lists;
@Service
@Repository
@Transactional
public class UserServiceImpl implements UserService {
@Autowired
private UserRepository userrepository;
public void save(User user) {
userrepository.save(user);
}
@Transactional(readOnly=true)
public List<User> findAll() {
return Lists.newArrayList(userrepository.findAll());
}
public User findByUsername(String username){
return userrepository.findByUsername(username);
}
}
用户仓库:
package com.contact.list.repository;
import org.springframework.data.repository.CrudRepository;
import com.contact.list.form.User;
public interface UserRepository extends CrudRepository<User, Long> {
User findByUsername(String username);
}
用户类别:
package com.contact.list.form;
import java.util.ArrayList;
import java.util.List;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.OneToMany;
import javax.persistence.Table;
@Entity
@Table(name = "USER_TBL")
public class User {
@Column(name = "FIRST_NAME")
private String firstName;
@Column(name = "LAST_NAME")
private String lastName;
@Column(name = "EMAIL")
private String email;
@Id
@Column(name = "USERID")
private String username;
@Column(name = "PASSWORD")
private String password;
@OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
private List<Role> roles = new ArrayList<Role>();
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public List<Role> getRoles() {
return roles;
}
public void setRoles(List<Role> roles) {
this.roles = roles;
}
}
web.xml:
<!-- Spring Security Configuration -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/root-context.xml
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Processes application requests -->
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/appServlet/servlet-context.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
servlet-context.xml:
<!-- DispatcherServlet Context: defines this servlet's request-processing infrastructure -->
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
<resources mapping="/resources/**" location="/resources/" />
<interceptors>
<beans:bean class="org.springframework.web.servlet.theme.ThemeChangeInterceptor"/>
</interceptors>
<beans:bean id="themeSource" class="org.springframework.ui.context.support.ResourceBundleThemeSource"/>
<beans:bean id="themeResolver" class="org.springframework.web.servlet.theme.CookieThemeResolver"/>
<!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
<beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
<beans:property name="requestContextAttribute" value="requestContext"/>
</beans:bean>
<context:component-scan base-package="com.contact.list" />
<beans:bean id = "myDataSource" class = "org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<beans:property name="driverClassName" value = "org.postgresql.Driver"/>
<beans:property name="url" value = "jdbc:postgresql://localhost:5432/hibernatedb"/>
<beans:property name="username" value = "postgres"/>
<beans:property name="password" value = "password"/>
</beans:bean>
<!-- JPA Config -->
<beans:bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<beans:property name="entityManagerFactory" ref="emf"/>
</beans:bean>
<tx:annotation-driven transaction-manager="transactionManager" />
<beans:bean id = "emf" class = "org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<beans:property name = "dataSource" ref = "myDataSource"/>
<beans:property name = "jpaVendorAdapter">
<beans:bean class = "org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"/>
</beans:property>
<beans:property name = "packagesToScan" value = "com.contact.list.form" />
<beans:property name="jpaProperties">
<beans:props>
<beans:prop key="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</beans:prop>
<beans:prop key = "hibernate.show_sql">true</beans:prop>
<beans:prop key="hibernate.hbm2ddl.auto">update</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
<beans:bean id = "passwordEncoder" class = "org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
<context:annotation-config/>
<!-- JPA Config -->
<!-- JPA Repository Abstraction Config -->
<jpa:repositories base-package="com.contact.list.repository" entity-manager-factory-ref="emf" transaction-manager-ref="transactionManager"/>
spring-security.xml
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/home*" access="hasRole('ROLE_USER')"/>
<form-login login-page="/login" default-target-url="/home" authentication-failure-url="/loginfailed" />
<logout logout-success-url="/logout" />
</http>
<authentication-manager>
<authentication-provider user-service-ref = "customUserDetailsService">
<password-encoder ref = "passwordEncoder"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="customUserDetailsService" class="com.contact.list.service.CustomUserDetailsService"/>
<beans:bean id = "passwordEncoder" class = "org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
</beans:beans>
共有2个答案
宣望
您应该从UserServiceImpl类中删除@Repository注释。否则Spring会尝试实例化bean两次(因为@Service和@Repository注释)。。。
@Service
@Repository
@Transactional
public class UserServiceImpl implements UserService {
刘琨
所以,把它写成一个答案,这里发生的事情是,在一个典型的Spring Web应用程序中,你有属于Spring MVC Servlet的应用程序上下文(Spring术语,这里是bean所在的地方)。
这个在web.xml中定义为/WEB-INF/Spring/appServlet/servlet-context.xml。
另一方面,Spring Security过滤器不能访问这样的上下文,它只能访问根上下文。根上下文加载了ContextLoaderListener和中定义的bean:
<param-value>
/WEB-INF/spring/root-context.xml
/WEB-INF/spring-security.xml
</param-value>
在定义根上下文时,Servlet上下文被构建为根上下文的子上下文。这使Servlet上下文能够访问位于其父级中的bean,但另一种方式是不可能的。
然后,在Servlet上下文中定义了作为数据源、持久性系统(JPA)和服务的基本bean。安全系统试图访问服务bean(用户服务),但没有成功,因为该服务位于Servlet上下文而不是Root上下文(Spring Security所在的上下文)中,因此出现了空指针异常。
解决方案:将数据源、JPA和服务bean移动到根上下文,并将Servlet上下文留给Spring MVC控制器和视图。
类似资料:
-
问题内容: 有可能这可能是一个双重问题。我将String变量初始化为null。我可能会或可能不会使用一个值更新它。现在我想检查此变量是否不等于null以及我尝试执行的操作是否会得到null指针异常。空指针异常,因为它代价高昂。是否有任何有效的解决方法.TIA 问题答案: 如果您使用 你 不会 得到。 我怀疑你在做什么: 这是因为null 而引发,而不是因为null。 如果仍然无法解释,请发布您用于
-
我已经更新了我的项目中的一些依赖关系之后,我的Hibernate配置类显示Nullpointerx的。 我将SpringDataJPA存储库与hibernate一起使用,已经超过24小时了,仍然没有找到任何关于小问题的适当解决方案。 我已经尝试过的一些解决方案:- 使用@bean(name=“entityManagerFactory”)提供bean名称 我面临的问题 波姆。xml文件 配置类 db
-
当我试图从DB查询结果时,我得到一个空指针异常。以下是错误: 这是错误产生的函数。 如果我启动应用程序信息服务(=new ApplicationInfoService()),我会得到一个指向我的服务类的空指针错误,在这里进行查询 错误转到createQuery行,如果我打印出EntityManager,它将返回“null”。为什么我的Entitymanager不能初始化。我在我的登录系统中使用了几
-
问题内容: 嗨,我们一直在使用apache编写我们的Java程序来读取xls和xlsx文件,问题是我们由于两个原因而得到了空指针异常。第一个是已经解决的空白单元格,另一个是当我们选择一个没有任何记录的列。 我们的程序要求输入excel文件的路径,然后输入要读取的文件的特定工作表号和特定的工作表的列号。这是读取xls文件的代码 变量工作表名称用于excel文件的工作表编号 变量cols用于您要阅读的
-
问题内容: 我正在android中做一个应用程序,因此我需要访问com.android.internal.telephony API。现在,我可以访问这些API了,但问题是,无论我在自己的类中调用Class Call.java方法的什么地方,都会抛出。您可以在http://hi- android.info/src/com/android/internal/telephony/Call.java.h
-
有时,当我试图创建模糊位图时,我会遇到“空指针异常”。 发生在这段代码中(我最近开始捕获异常,因此至少它不会使应用程序崩溃): 请参考这些图片以获得更多关于我传递给“CreateBitmap”方法的参数的细节: 以下是扩展的参数: 完全异常: 异常{Java。Lang.NullPointerException:类型为“Java”的异常。引发了“Lang.NullPointerException”。
-
为什么我得到空指针异常?有什么想法吗?
-
嗨,我们一直在阅读xls和xlsx文件使用apache poi我们的java程序,问题是我们得到空指针异常有两个原因…第一个1是我们已经解决的空白单元格,另一个是当我们选择一个没有任何记录的列时… 我们可以读取每一张表的第一列,也可以读取第二张表的第二列,但是当我编辑我的测试文件时,程序现在只能读取每一张表的第一列…错误是空指针异常..希望你能帮忙提前谢谢