我正在尝试通过令牌对用户进行身份验证,但是当我尝试自动连接一个用户时,我的服务AuthenticationTokenProcessingFilter会出现空指针异常。由于自动有线服务为空,如何解决此问题?
AuthenticationTokenProcessingFilter
我的AuthenticationTokenProcessingFilter课
@ComponentScan(basePackages = {"com.marketplace"}) public class AuthenticationTokenProcessingFilter extends GenericFilterBean { @Autowired @Qualifier("myServices") private MyServices service; public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { @SuppressWarnings("unchecked") Map<String, String[]> parms = request.getParameterMap(); if (parms.containsKey("token")) { try { String strToken = parms.get("token")[0]; // grab the first "token" parameter User user = service.getUserByToken(strToken); System.out.println("Token: " + strToken); DateTime dt = new DateTime(); DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"); DateTime createdDate = fmt.parseDateTime(strToken); Minutes mins = Minutes.minutesBetween(createdDate, dt); if (user != null && mins.getMinutes() <= 30) { System.out.println("valid token found"); List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN")); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getEmailId(), user.getPassword()); token.setDetails(new WebAuthenticationDetails((HttpServletRequest) request)); Authentication authentication = new UsernamePasswordAuthenticationToken(user.getEmailId(), user.getPassword(), authorities); //this.authenticationProvider.authenticate(token); SecurityContextHolder.getContext().setAuthentication(authentication); }else{ System.out.println("invalid token"); } } catch(Exception e) { e.printStackTrace(); } } else { System.out.println("no token found"); } // continue thru the filter chain chain.doFilter(request, response); } }
我尝试在我中添加以下内容 AppConfig
AppConfig
@Bean(name="myServices") public MyServices stockService() { return new MyServiceImpl(); }
我的AppConfig注释是
@Configuration @EnableWebMvc @ComponentScan(basePackages = "com.marketplace") public class AppConfig extends WebMvcConfigurerAdapter {
你不能使用开箱即用的过滤器中的依赖项注入。尽管你正在使用GenericFilterBean,但是Servlet过滤器不是由spring管理的。如javadocs所指出的
This generic filter base class has no dependency on the Spring org.springframework.context.ApplicationContext concept. Filters usually don't load their own context but rather access service beans from the Spring root application context, accessible via the filter's ServletContext (see org.springframework.web.context.support.WebApplicationContextUtils).
用简单的英语来说,我们不能指望spring注入服务,但是我们可以在第一次调用时就懒惰设置它。例如
public class AuthenticationTokenProcessingFilter extends GenericFilterBean { private MyServices service; @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if(service==null){ ServletContext servletContext = request.getServletContext(); WebApplicationContext webApplicationContext = WebApplicationContextUtils.getWebApplicationContext(servletContext); service = webApplicationContext.getBean(MyServices.class); } your code ... } }