java Autowired批注在AuthenticationSuccessHandler中返回null
在我的Spring安全应用程序中,我尝试在成功登录后返回cookie“记住令牌”。MyAuthenticateSccessHandlerclass自动连接RememberService类以从数据库获取“令牌”值。但autowired referenceRememberService返回空值。我确实提到了类的@Component注释,但它没有改变结果Link to complete source code
FormAuthenticationSuccessHandler:
package com.fastcheck.timesheet.common.security;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import com.fastcheck.timesheet.common.services.RememberMeService;
@Component
public class FormAuthenticationSuccessHandler implements AuthenticationSuccessHandler
{
@Autowired
public RememberMeService rememberMeService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException
{
String username;
Object principal = authentication.getPrincipal();
if (principal instanceof UserDetails)
{
username = ((UserDetails)principal).getUsername();
}
else
{
username = principal.toString();
}
System.out.println("rememberMeService :"+rememberMeService);
if(rememberMeService != null)
{
Cookie cookie=new Cookie("remember_token",rememberMeService.getRememberMeToken(username));
cookie.setMaxAge(200);
response.addCookie(cookie);
}
response.setStatus(200);
response.sendRedirect("home");
}
}
# 1 楼答案
我从您的代码中了解到的是,您正在尝试实现创建SpringSecurity的目的是为您实现开箱即用
如果您正确地实现了spring安全性,我不明白为什么在成功进行身份验证后,RememberMe令牌不会自动存储在用户的浏览器上,就像您正在尝试的那样
# 2 楼答案
记住自动发送到浏览器的令牌。您不需要单独发送。是否可以提供浏览器返回的cookie值?否则请使用下面的脚本进行解码
cookieAsPlainText作为普通值应为series:token格式。请让我知道这是否有帮助