我正在使用Spring MVC基於應用程序的使用Spring版本4。我正在嘗試使用Apache Shiro作爲安全框架。我已經在我的應用程序中實現了AuthorizingRealm,但是當我嘗試登錄時出現了一些java.lang.NullPointerException錯誤。我的代碼如下:Apache Shiro with Spring MVC AuthorizingRealm @Autowired java.lang.NullPointerException
@Component
公共類CustomSecurCustomSecurityRealmityRealm擴展AuthorizingRealm {
@Autowired
UserService userService;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Set<String> roles = new HashSet<>();
Collection<org.apache.shiro.authz.Permission> permissions = new HashSet<>();
String username = (String) principals.getPrimaryPrincipal();
User user = userService.findByEmail(username);
if (user == null)
throw new UnknownAccountException();
for (Role role : user.getRole()) {
roles.add(role.getName());
for (Iterator<Permission> iterator = role.getPermissions().iterator(); iterator.hasNext();) {
Permission permission = iterator.next();
permissions.add(new WildcardPermission(permission.getName()));
}
}
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
authorizationInfo.setRoles(roles);
authorizationInfo.addObjectPermissions(permissions);
return authorizationInfo;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upat = (UsernamePasswordToken) token;
User user = userService.findByEmail(upat.getUsername());
if (user != null && user.getPasswordHash().equals(new String(upat.getPassword()))) {
return new SimpleAuthenticationInfo(user, user.getPasswordHash(), getName());
} else {
throw new AuthenticationException("Invalid username/password!");
}
}
}
@Configuration是如下:
@Bean
public WebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(new CustomSecurityRealm());
return securityManager;
}
@Bean
public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public MethodInvokingFactoryBean methodInvokingFactoryBean() {
MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
methodInvokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
methodInvokingFactoryBean.setArguments(new Object[] { securityManager() });
return methodInvokingFactoryBean;
}
@Bean
@DependsOn(value = "lifecycleBeanPostProcessor")
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
return new DefaultAdvisorAutoProxyCreator();
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager());
return authorizationAttributeSourceAdvisor;
}
@Bean
public ShiroFilterFactoryBean shiroFilterBean() {
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
Map<String, String> definitionsMap = new HashMap<>();
definitionsMap.put("/auth/signIn", DefaultFilter.anon.name());
definitionsMap.put("/auth/login", DefaultFilter.anon.name());
definitionsMap.put("/home/index", "authc");
shiroFilter.setFilterChainDefinitionMap(definitionsMap);
shiroFilter.setLoginUrl("/auth/login");
shiroFilter.setSuccessUrl("/home/index");
shiroFilter.setSecurityManager(securityManager());
return shiroFilter;
}
請人幫忙我爲什麼UserService userService獲得n ULL扔NullPointerException異常
是您的配置類'@ ComponentScan'註釋? – Rohan
是的。使用@ComponentScan掃描@Configuration類(「我的包」) –