在我的 Spring Security 应用程序中,我尝试在成功登录后返回 cookie 'remember_token'。我的 AuthenticanSuccessHandler 类自动连接 RememberMeService 类以从数据库获取“ token ”值。但 Autowiring 的引用 rememberMeService 返回 null。我确实提到了该类的 @Component 注释,但它并没有改变结果。 Link to complete source code
FormAuthenticationSuccessHandler:
package com.fastcheck.timesheet.common.security;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import com.fastcheck.timesheet.common.services.RememberMeService;
@Component
public class FormAuthenticationSuccessHandler implements AuthenticationSuccessHandler
{
@Autowired
public RememberMeService rememberMeService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException
{
String username;
Object principal = authentication.getPrincipal();
if (principal instanceof UserDetails)
{
username = ((UserDetails)principal).getUsername();
}
else
{
username = principal.toString();
}
System.out.println("rememberMeService :"+rememberMeService);
if(rememberMeService != null)
{
Cookie cookie=new Cookie("remember_token",rememberMeService.getRememberMeToken(username));
cookie.setMaxAge(200);
response.addCookie(cookie);
}
response.setStatus(200);
response.sendRedirect("home");
}
}
最佳答案
我从您的代码中了解到,您正在尝试实现 Spring Security 为您提供开箱即用的功能。
如果您正确实现了 Spring Security,我不明白为什么在成功进行身份验证后,记住我 token 不会像您尝试做的那样自动存储在用户的浏览器上。
关于java - Autowired 注释在 AuthenticationSuccessHandler 中返回 null,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45663290/