SpringBoot使用@EnableTransactionManagement开启事务再整合Shiro时,如果在AuthorizingRealm中注入了Service。代码如下:
// SpringBoot启动类
@SpringBootApplication
@EnableTransactionManagement
@MapperScan("com.boge.mapper")
public class DingTalkAdminApplication {
public static void main(String[] args) {
SpringApplication.run(DingTalkAdminApplication.class, args);
}
}
// Mapper映射类
package com.boge.mapper;
import org.apache.ibatis.annotations.Select;
import com.boge.entity.User;
public interface UserMapper extends BaseDaoMapper<User, Long> {
@Select("select * from t_user where username = #{username}")
User findByUsername(String username);
}
// EhCache缓存配置类
@Configuration
@EnableCaching
public class EhCacheConfig {
@Bean
public EhCacheManagerFactoryBean ehCacheManager() {
EhCacheManagerFactoryBean ehCacheManager = new EhCacheManagerFactoryBean();
//注:如果application.yml配置文件中设置了spring.cache.ehcache.config=classpath:ehcache.xml
//则此处不需要setConfigLocation,SpringBoot会自动将ehcache.xml加入到EhCacheManagerFactoryBean
ehCacheManager.setConfigLocation(new ClassPathResource("ehcache.xml"));
ehCacheManager.setShared(true);
return ehCacheManager;
}
@Bean
public EhCacheCacheManager cacheManager(EhCacheManagerFactoryBean bean) {
CacheManager cacheManager = bean.getObject();
return new EhCacheCacheManager(cacheManager);
}
}
// 用户Service实现类
@Service
public class UserServiceImpl extends BaseServiceImpl<User, Long> implements IUserService {
@Inject
private UserMapper userMapper;
@Override
@Transactional(readOnly = true)
public User findByUsername(String username) {
return userMapper.findByUsername(StringUtils.lowerCase(username));
}
}
// Shrio授权域类-AuthorizingRealm
public class AuthorizingRealm extends org.apache.shiro.realm.AuthorizingRealm {
@Inject
private IUserService userService;
...
}
// Shiro配置类
package com.boge.config;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
import com.boge.security.AuthorizingRealm;
@Configuration
public class ShiroConfig {
@Bean
public EhCacheManager shiroCacheManager(EhCacheManagerFactoryBean bean) {
EhCacheManager shiroCacheManager = new EhCacheManager();
shiroCacheManager.setCacheManager(bean.getObject());
return shiroCacheManager;
}
@Bean
public AuthorizingRealm authorizingRealm() {
AuthorizingRealm authorizingRealm = new AuthorizingRealm();
authorizingRealm.setAuthenticationCacheName("authorization");
return authorizingRealm;
}
@Bean
public MethodInvokingFactoryBean methodInvokingFactoryBean(EhCacheManager shiroCacheManager, AuthorizingRealm authorizingRealm) {
MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
methodInvokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
methodInvokingFactoryBean.setArguments(securityManager(shiroCacheManager, authorizingRealm));
return methodInvokingFactoryBean;
}
@Bean
public DefaultWebSecurityManager securityManager(EhCacheManager shiroCacheManager, AuthorizingRealm authorizingRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setCacheManager(shiroCacheManager);
securityManager.setRealm(authorizingRealm);
return securityManager;
}
}运行时报如下异常:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shiroEventBusAwareBeanPostProcessor' defined in class path resource [org/apache/shiro/spring/boot/autoconfigure/ShiroBeanAutoConfiguration.class]: BeanPostProcessor before instantiation of bean failed;
nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.cache.annotation.ProxyCachingConfiguration': BeanPostProcessor before instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration': BeanPostProcessor before instantiation of bean failed;...
分析:
注意上面异常中红色标识的 "ProxyTransactionManagementConfiguration" 由此判断出,事务管理器Bean还没有创建成功。对应到本例就是:在SpringBoot创建Shiro相关Bean时,某个ShiroBean中有使用到事务(如本例的AuthorizingRealm类中有注入userService,在userService中又有用到@Transactional),而此时的事务管理器Bean还未被注入。因此,导致Shiro相关的依赖Bean(如此处的userService)注入失败,最终导致Siro本身的Bean注入失败。
分析结果:造成如上异常是由Bean的加载顺序造成。因ShiroConfig类上面标注了@Configuration注解,说明它就是个配置类。而@EnableTransactionManagement是在ApplicationContext中的配置中,此时ShiroConfig中的Bean要比ApplicationContext配置中的事务管理器Bean先一步被注入。
两种解决方案:
1、通过在ShiroConfig配置类中往securityManager添加@DependsOn(TransactionManagementConfigUtils.TRANSACTION_ADVISOR_BEAN_NAME)
表示是等待@DependsOn注解中指定的Bean注入完成后再来注入securityManager
注意:本例是使用的SpringBoot默认的基于JDK的动态代理模式(transaction advisor),因此此处的事务管理器Bean的名字使用的是TransactionManagementConfigUtils.TRANSACTION_ADVISOR_BEAN_NAME
对应的全限定名称就是:org.springframework.transaction.config.internalTransactionAdvisor
如果使用Spring的cglib切面动态代理模式(transaction aspect),则此处的事务管理器Bean的名字需要换成TransactionManagementConfigUtils.TRANSACTION_ASPECT_BEAN_NAME
对应的全限定名称就是:org.springframework.transaction.config.internalTransactionAspect
代码片段如下:
@Bean
@DependsOn(TransactionManagementConfigUtils.TRANSACTION_ADVISOR_BEAN_NAME)
public DefaultWebSecurityManager securityManager(EhCacheManager shiroCacheManager, AuthorizingRealm authorizingRealm) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setCacheManager(shiroCacheManager);
securityManager.setRealm(authorizingRealm);
return securityManager;
}2、通过创建一个InitListener来监听ApplicationContext是否加载完成,等待其加载完成后再进行Shiro相关设置。代码如下:
package com.boge.listener;
import javax.inject.Named;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.ApplicationContext;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.context.event.EventListener;
import com.boge.security.AuthorizingRealm;
@Named
public class InitListener {
/**
* 事件处理
*
* @param event
* ContextRefreshedEvent
*/
@EventListener
public void handle(ContextRefreshedEvent event) {
ApplicationContext context = event.getApplicationContext();
if (context == null || event.getApplicationContext().getParent() != null) {
return;
}
DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) context.getBean("securityManager");
AuthorizingRealm authorizingRealm = (AuthorizingRealm) context.getBean("authorizingRealm");
// 在这里将authorizingRealm注入到securityManager
securityManager.setRealm(authorizingRealm);
}
}最后不要忘了删除SiroConfig中的securityManager注入authorizingRealm的相关操作,修改后的代码如下:
@Bean
public DefaultWebSecurityManager securityManager(EhCacheManager shiroCacheManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setCacheManager(shiroCacheManager);
return securityManager;
}
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
