问题
I have implemented Spring security on my struts2 application and it perfectly works, but it runs into error java.lang.NullPointerException on line 3.
Although it seems passwordEncoder configuration works as by adding those I cant login with a plain text password any more.
<authentication-manager>
<authentication-provider>
<password-encoder ref="passwordEncoder"/>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="
select username,password,enabled
from Users where username=?"
authorities-by-username-query="
select username,authority
from Users where username = ?"
/>
</authentication-provider>
</authentication-manager>
<beans:bean id="passwordEncoder"
xmlns="http://www.springframework.org/schema/beans"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<constructor-arg value="256"/>
</beans:bean>
</beans:beans>
MyClass.java
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;;
....
private ShaPasswordEncoder passwordEncoder;
public ShaPasswordEncoder getPasswordEncoder() {
return passwordEncoder;
}
@Autowired
public void setPasswordEncoder(ShaPasswordEncoder passwordEncoder) {
this.passwordEncoder = passwordEncoder;
}
public void encode(String username)
{
1 System.err.println("encode password");
2 String encodedPassword = "";
3 encodedPassword = passwordEncoder.encodePassword("Jack",username);
4 System.err.println("encoded password " + encodedPassword);
}
pom.xml
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
回答1:
Do you actually inject the encoder into Encode.java somehow somewhere? If not,then that is your problem.
if you need a quick and dirty solution which will probably work. just make it
private ShaPasswordEncoder passwordEncoder=new ShaPasswordEncoder(256);
and then find out what you are doing wrong with the injection.
maybe read this to see how injection should be done.
What is the difference between @Inject and @Autowired in Spring Framework? Which one to use under what condition?
回答2:
@Autowired
will work only on Spring managed beans. So your MyClass
should be a @Service
or @Repository
or @Component
etc (or it may be simply configured in your XML as a <bean>
)
Also, I don't understand your
I cant login with a plain text password any more.
The encoding of the user entered password and the comparison with the encoded password from the database is done by spring security internally. All it needs is a UserDetails
object which will be provided by your jdbc-user-service
.
来源:https://stackoverflow.com/questions/17479387/spring-security-passwordencoder-returns-null