为什么 loadUserByUsername 方法会抛出空异常?

【问题标题】:Why does the loadUserByUsername method throw a null exception?为什么 loadUserByUsername 方法会抛出空异常?
【发布时间】:2021-03-04 08:41:35
【问题描述】:

你好, 请仅使用用户的电子邮件和密码连接用户时出错。
在堆栈跟踪中,我有一个空指针异常,因为 getUserAuthority 和 loadUserByUsername 方法不返回我的数据库中存在的用户。 这是我的 adminController 类:

@Controller

公共类 AdminController {

@GetMapping(value = { "/", "/login" })
public ModelAndView login(@RequestParam(value = "error", required = false) String error,
        @RequestParam(value = "logout", required = false) String logout) {
    ModelAndView modelAndView= new ModelAndView("login");

    if (error !=null) {
        modelAndView.addObject("error", "Invalid Username and password!");
    }
    
    if (logout !=null) {
        modelAndView.addObject("message", "You're been logout out successfully.");
    }
    return modelAndView;
}



@GetMapping(value = {"/logout"})
private String logout() {
    SecurityContextHolder.getContext().setAuthentication(null);
    return "redirect:login";
    
}

@GetMapping(value = "/home")
public String home() {
    
    return "redirect:dashboard";
}

} customUservice 类:

@Service("customUserDetailsService")

公共类 CustomuserDetailService 实现 UserDetailsS​​ervice {

private final UserService userService;

@Autowired
public CustomuserDetailService(UserService userService) {
    super();
    this.userService = userService;
}

@Override
@Transactional
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
    UserDto userDto = userService.findUserByEmail(email);

    if (userDto !=null) {

        List<GrantedAuthority> authorities = getUserAuthority(userDto.getRolesDtos());

        return buildUserForAuthentication(userDto, authorities);
    }else {
    throw new UsernameNotFoundException("user with email" + email + "does not exist.");
}
}

private List<GrantedAuthority> getUserAuthority(Set<RoleDto> userRoles) {
    Set<GrantedAuthority> roles = new HashSet<>();
    userRoles.forEach((role) -> {
        roles.add(new SimpleGrantedAuthority(role.getName()));
        
    });
    return new ArrayList<GrantedAuthority>(roles);
    
}

private UserDetails buildUserForAuthentication(UserDto user, List<GrantedAuthority> authorities) {
    return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), authorities);
}

} 和stackTace:

休眠:选择 user0_.users_id 作为 users_id1_7_,user0_.email 作为 email2_7_,user0_.first_name 作为 first_na3_7_,user0_.last_name 作为 last_nam4_7_,user0_.mobile_number 作为 mobile_n5_7_,user0_.password 作为 password6_7_ from bankass.users user0_ where user0_.email =? 休眠:从bankass.users_roles中选择roles0_.users_id作为users_id1_8_0_,role0_.role_id作为role_id2_8_0_,role1_.role_id作为role_id1_2_1_,role1_.role作为role2_2_1_从bankass.users_roles角色0_内部加入bankass.role role1_在role0_.role_id=role1_.role_id where roles0_.users_id= ? Hibernate: 选择 users0_.role_id 作为 role_id2_8_0_, users0_.users_id 作为 users_id1_8_0_, user1_.users_id 作为 users_id1_7_1_, user1_.email 作为 email2_7_1_, user1_.first_name 作为 first_na3_7_1_, user1_.last_name 作为 last_nam4_7_1_, user1_.mobile_number 作为 mobile_n5_从 bankass.users_roles users0_ 内部加入 bankass.users user1_ on users0_.users_id=user1_.users_id where users0_.role_id=? 休眠:从bankass.users_roles中选择roles0_.users_id作为users_id1_8_0_,role0_.role_id作为role_id2_8_0_,role1_.role_id作为role_id1_2_1_,role1_.role作为role2_2_1_从bankass.users_roles角色0_内部加入bankass.role role1_在role0_.role_id=role1_.role_id where roles0_.users_id= ? 休眠:从bankass.users_roles中选择roles0_.users_id作为users_id1_8_0_,role0_.role_id作为role_id2_8_0_,role1_.role_id作为role_id1_2_1_,role1_.role作为role2_2_1_从bankass.users_roles角色0_内部加入bankass.role role1_在role0_.role_id=role1_.role_id where roles0_.users_id= ? 休眠:从bankass.users_roles中选择roles0_.users_id作为users_id1_8_0_,role0_.role_id作为role_id2_8_0_,role1_.role_id作为role_id1_2_1_,role1_.role作为role2_2_1_从bankass.users_roles角色0_内部加入bankass.role role1_在role0_.role_id=role1_.role_id where roles0_.users_id= ? 休眠:从bankass.users_roles中选择roles0_.users_id作为users_id1_8_0_,role0_.role_id作为role_id2_8_0_,role1_.role_id作为role_id1_2_1_,role1_.role作为role2_2_1_从bankass.users_roles角色0_内部加入bankass.role role1_在role0_.role_id=role1_.role_id where roles0_.users_id= ? 2020-11-20 23:14:38.042 ERROR 330726 --- [nio-8080-exec-1] w.a.UsernamePasswordAuthenticationFilter :尝试对用户进行身份验证时发生内部错误。

org.springframework.security.authentication.InternalAuthenticationServiceException: null 在 org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:123) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:144) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:219) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:95) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:92) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE] 在 org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:93) ~[spring-boot-actuator-2.3.4.RELEASE.jar:2.3.4.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na] 在 java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na] 在 org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.38.jar:9.0.38] 在 java.base/java.lang.Thread.run(Thread.java:834) ~[na:na] 引起:java.lang.NullPointerException:null 在 com.busreseravtionsystem.busreservation.security.CustomuserDetailService.getUserAuthority(CustomuserDetailService.java:50) ~[classes/:na] 在 com.busreseravtionsystem.busreservation.security.CustomuserDetailService.loadUserByUsername(CustomuserDetailService.java:40) ~[classes/:na] 在 com.busreseravtionsystem.busreservation.security.CustomuserDetailService$$FastClassBySpringCGLIB$$b6891340.invoke() ~[classes/:na] 在 org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:771) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:367) ~[spring-tx-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:118) ~[spring-tx-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:749) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691) ~[spring-aop-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在 com.busreseravtionsystem.busreservation.security.CustomuserDetailService$$EnhancerBySpringCGLIB$$9c7d4a88.loadUserByUsername() ~[classes/:na] 在 org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:108) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE] ...省略了58个常用框架

【问题讨论】:

  • 我知道前缀“ROLE_”在你想通过roles.add(new SimpleGrantedAuthority("ROLE_"+role.getName()); 为用户赋予角色时使用。在我的角色表,我的 postgresql 数据库中有 ADMIN,但是我收到错误 org.springframework.security.authentication.InternalAuthenticationServiceException: null
  • 我什么时候应该在数据库或应用程序代码中为 ROLE_ 加上 Spring Security 5 前缀?

标签: spring spring-boot spring-security spring-data-jpa thymeleaf


【解决方案1】:

role 为空,因为在 UserDTO 中我有 RoleDto。所以我需要将“roleName”重命名为“role”,因为它是一个复杂的对象。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2022-01-05
    • 2022-09-30
    • 1970-01-01
    • 1970-01-01
    • 2016-06-15
    • 2021-04-28
    • 2013-09-04
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode