问题[spring-boot]

我将项目从 spring boot 3.2.6 更新到3.3.0 出现以下消息：

[WARN ] 2024-06-06 16:15:14.443 [restartedMain] InitializeUserDetailsBeanManagerConfigurer$InitializeUserDetailsManagerConfigurer - Global AuthenticationManager configured with an AuthenticationProvider bean. UserDetailsService beans will not be used for username/password login. Consider removing the AuthenticationProvider bean. Alternatively, consider using the UserDetailsService in a manually instantiated DaoAuthenticationProvider.

配置：

@Configuration
@EnableWebSecurity
@EnableMethodSecurity
@RequiredArgsConstructor
public class SecurityConfiguration {

    private final JwtAuthFilter jwtAuthFilter;
    private final MyUserDetails myUserDetails;    

    @Bean
    SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception {
        return http
            .cors(AbstractHttpConfigurer::disable)
            .csrf(AbstractHttpConfigurer::disable)
            .authorizeHttpRequests(
                auth -> auth.requestMatchers("/public/**").permitAll()
                .requestMatchers("/api/v1/token", "/api/v1/refreshToken").permitAll()
                .anyRequest().authenticated()
            )
            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
            .build();
    }

    @Bean
    AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
        return configuration.getAuthenticationManager();
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    AuthenticationProvider authenticationProvider() {
        var provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(myUserDetails);
        provider.setPasswordEncoder(passwordEncoder());

        return provider;
    }
    
}

我不知道该怎么办

我什至不知道去哪里挖（

我在收到 SIGTERM 命令后实现了 SpringBoot 应用程序的正确终止。设置 SpringBoot 的设置：

server:
  shutdown: graceful

spring.task.execution:
  pool:
    allow-core-thread-timeout: true
    keep-alive: 3m
  shutdown:
    await-termination: true
    await-termination-period: 3m

我还尝试使用 ThreadPoolTask​​Executor：

ThreadPoolTaskExecutor defaultExecutor = new ThreadPoolTaskExecutor();
    defaultExecutor.setKeepAliveSeconds(180);
    defaultExecutor.setWaitForTasksToCompleteOnShutdown(true);
    defaultExecutor.setAwaitTerminationSeconds(180);

但遇到了问题。在异步线程中调用 SOAP 方法，该方法崩溃并出现错误：

ERROR [iso20022.app.FCR,3b58933b54e5e47c,1eb7da1d0650e9d9] 2808 --- [     h2h-async1] r.a.h.c.RepeaterInvocationHandler        : error on calling jdk.proxy6.$Proxy236.wsAccountBaseInfoGet
java.lang.ExceptionInInitializerError: null
    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.getTransport(HttpTransportPipe.java:154) ~[jaxws-rt-2.3.1.jar:2.3.1]
…
Caused by: java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. Could not load [META-INF/services/javax.xml.bind.JAXBContext]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.
at org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading(WebappClassLoaderBase.java:1432)
at org.apache.catalina.loader.WebappClassLoaderBase.getResourceAsStream(WebappClassLoaderBase.java:1140)
at javax.xml.bind.ContextFinder.firstByServiceLoaderDeprecated(ContextFinder.java:620)
at javax.xml.bind.ContextFinder.find(ContextFinder.java:408)
at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:721)
at javax.xml.bind.JAXBContext.newInstance(JAXBContext.java:662)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.<clinit>(HttpClientTransport.java:84)
... 83 more

在此方法之前，feign 客户端通过 REST 搜索并保存到数据库，没有任何问题。该错误只能用 catch(Error e) 捕获，因为 Exception 不会被捕获。如果有人遇到类似的，提示去哪里挖？

有一个本地任务 - 查找带有自定义注释的方法，其本质在于标记。也就是说，如果此注解存在于方法上，则保存该方法的名称以供后续使用。通过枚举 ApplicationContext 中的 bean 及其方法，并为方法搜索所需的注解，该任务很容易解决。但是只要需要的方法有@Async注解，那么isAnnotationPresent就表明没有这个注解，而且确实该方法没有任何注解，包括@Async。更有趣的是，如果类中有几个方法带有所需的注解，并且该类的其中一个方法具有@Async注解，那么上述搜索注解的方法即使对于未标记的方法也显示它们不存在与@Async。问题是，如何在项目中找到所有带有所需注释的方法？

实验搜索类注解：

@Component
@Slf4j
@EnableAsync
public class BeanFinder {
    private final ApplicationContext applicationContext;
    public BeanFinder(ApplicationContext applicationContext) {
        this.applicationContext = applicationContext;
    }
    @EventListener(ApplicationReadyEvent.class)
    public void findBean() {
        log.info("find async");
        Arrays.stream(applicationContext.getBeanDefinitionNames()).
            forEach(x -> Arrays.stream(applicationContext.getBean(x).getClass().getDeclaredMethods())
                .filter(y -> y.isAnnotationPresent(Annotation1.class)).forEach(y -> log.info(y.getName())));
    }
}   

实验注释：

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface Annotation1 {
}

带有方法的实验类：

@Component
public class BeanAsync {
    @Async
    @Annotation1
    public void method1Async() {
    }
    @Annotation1
    public void method2() {
    }
    public void method3() {
    }
    @Async
    public void method4() {
    }
}

我在网站上进行了注册，但用户角色仅通过数据库设置。如何自动为授权用户分配角色？

角色表

package com.example.playGame.models;

import javax.persistence.*;

import java.util.Set;
@Entity
@Table(name = "role")
public class Role {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String name;
    @ManyToMany(mappedBy = "roles")
    private Set<User> users;
    public Long getId() {
        return id;
    }
    public void setId(Long id) {
        this.id = id;
    }
    public String getName() {
        return name;
    }
    public void setName(String name) {
        this.name = name;
    }
    public Set<User> getUsers() {
        return users;
    }
    public void setUsers(Set<User> users) {
        this.users = users;
    }
}

用户表

package com.example.playGame.models;

import javax.persistence.*;
import java.util.Set;

@Entity
@Table(name = "user")
public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    private String firstname;
    private String lastname;
    private String email;
    private String password;

    public String getFirstname() {
        return firstname;
    }

    public void setFirstname(String firstname) {
        this.firstname = firstname;
    }

    public String getLastname() {
        return lastname;
    }

    public void setLastname(String lastname) {
        this.lastname = lastname;
    }

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }


    @ManyToMany
    private Set<Role> roles;
    public Long getId() {
        return id;
    }
    public void setId(Long id) {
        this.id = id;
    }
    public String getPassword() {
        return password;
    }
    public void setPassword(String password) {
        this.password = password;
    }
    public Set<Role> getRoles() {
        return roles;
    }
    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }
}

注册控制器

@Controller
public class registrationController {
    @Autowired
    private UserRepository userRepository;
    @Autowired
    private RoleRepository roleRepository;

    @GetMapping("/registration")
    public String registration(Model model){
        model.addAttribute("user",new User());
        return "registration";
    }

    @PostMapping("/process_register")
    public String processRegister(User user, Role role) {
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        String encodedPassword = passwordEncoder.encode(user.getPassword());
        user.setPassword(encodedPassword);
        userRepository.save(user);
        return "register_success";
    }
}

先生们，专家，告诉我，pliz：Spring Boot / Security 项目，当添加到 html/Thymeleaf sec:authentication=”principal.authorities”浏览器发出 500 和

Error retrieving value for property "”principal.authorities”" of authentication object of class org.springframework.security.authentication.UsernamePasswordAuthenticationToken

Invalid property '”principal' of bean class [org.springframework.security.authentication.UsernamePasswordAuthenticationToken]: Bean property '”principal' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?

同时，authentication.getAuthorities() 在控制台中显示值，一切都在调试中到位，如果您注释掉有问题的行，则访问限制适用于该按钮：

    <div sec:authorize="hasAuthority('ADMIN')">
    <form th:action="@{/bankdemo/accounts/show/{phone}(phone=${account.phone})}"
     th:method="delete">
        <input type="hidden" th:name="id" th:value="${bill.id}"/> 
            <button class="btn btn-danger"
            onclick="if (!(confirm('Are you sure you want to delete this bill?')))
                return false">
            Erase</button>
    </form>
    </div>

场地：

    @ElementCollection(targetClass = Role.class)
    @CollectionTable(name="roles", joinColumns = @JoinColumn(name="account_id"))
    @Enumerated(EnumType.STRING)
    private Set<Role> roles;

吸气剂：

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return roles;
    }

埃南：

public enum Role implements GrantedAuthority{
    ADMIN, CLIENT;

    @Override
    public String getAuthority() {
        return name();
    }
}

怎么了？