我试图创建一个只对包含用户角色的单个请求有效的bean。在调用任何控制器方法之前,我将在@Around方法中填充角色。然后我需要稍后访问这些角色以进行其他授权检查。在@Around内弹簧请求作用域bean未能被自动装入
@Component
@Aspect
public class SecurityAudit {
@Autowired
private CurrentRoles currentRoles;
@Around("@annotation(requestMapping) && execution(*
com.myapp.controller..*.*(..))")
public Object around(ProceedingJoinPoint pjp, RequestMapping requestMapping)
throws Throwable {
...
...
//I populate the roles with a db lookup. They will be referenced here, and later in controller methods as-needed.
}
}
package com.myapp.model;
...
...
@JsonInclude(JsonInclude.Include.NON_NULL)
@Generated("org.jsonschema2pojo")
@JsonPropertyOrder({
"sso",
"roles"
})
@Component
@Scope(value="request", proxyMode=ScopedProxyMode.TARGET_CLASS)
public class CurrentRoles {
@JsonProperty("roles")
private Set<Role> roles;
...
...
}
我得到如下:
org.springframework.beans.factory.BeanCreationException:错误创建名称为豆 'securityAudit':自动装配依赖注入失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装入字段:private com.myapp.model.CurrentRoles com.myapp.currentRoles;嵌套异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:找不到符合条件的[com.myapp.model.CurrentRoles]类型的合格bean:期望至少1个符合此依赖关系自动装配候选资格的bean。依赖注释:{@ org.springframework.beans.factory.annotation.Autowired(required = true)}
Aspect在启动时创建。我会虽然注入的请求范围的bean将保持null,直到请求开始进入,然后我可以填充currentRoles豆的具体请求。