Próbuję podać przykład na temat bezpieczeństwa wiosennego (autoryzacja roli użytkownika) przy użyciu adnotacji @PreAuthorize, ale utknąłem w punkcie poniżej błędu.@PreAuthorize nie działa - czy istnieje nierozwiązywalny okólnik?
Caused by: org.springframework.beans.BeanInstantiationException:
Failed to instantiate [org.aopalliance.intercept.MethodInterceptor]:
Factory method 'methodSecurityInterceptor' threw exception; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'methodSecurityInterceptor': Requested bean is currently in creation: Is there an unresolvable circular reference?
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)
... 91 more
Caused by: org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'methodSecurityInterceptor': Requested bean is currently in creation: I
s there an unresolvable circular reference?
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.beforeSingletonCreation(DefaultSingletonBeanRegistry.java:347)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:299)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor.getAdvice(MethodSecurityMetadataSourceAdvisor.java:107)
at org.springframework.aop.aspectj.AspectJProxyUtils.isAspectJAdvice(AspectJProxyUtils.java:67)
at org.springframework.aop.aspectj.AspectJProxyUtils.makeAdvisorChainAspectJCapableIfNecessary(AspectJProxyUtils.java:49)
Moja WebSecurityConfigurerAdapter klasa rozszerzenie:
@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@EnableGlobalMethodSecurity(prePostEnabled = true)
public static class FormLoginWebSecurityConfigurerAdapter extends
WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and()
.formLogin().loginPage("/login").defaultSuccessUrl("/home")
.permitAll().and().logout().permitAll()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/login?logout").permitAll()
.and().httpBasic()
.and().exceptionHandling()
.accessDeniedPage("/access?error");
}
I poziom metoda kontroli autoryzacji w UserController:
@Controller
@EnableAutoConfiguration
public class UserController {
@PreAuthorize("hasAnyAuthority('111')")
@RequestMapping(value = "/users")
public String userManagement(Model model) {
.
return something;
}
}
jestem coraz władze użytkownika (lista) w czasie login, który ma 111 w tym
Czy ktoś może mi pomóc z błędem w obliczu?