```java
package com.example.security.config;
import com.example.security.handler.MyAccessDeniedHandler;
import com.example.security.handler.MyAuthenticationFailureHandler;
import com.example.security.service.UserDetailServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import javax.sql.DataSource;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
MyAccessDeniedHandler myAccessDeniedHandler;
@Autowired
DataSource dataSource;
// @Autowired
// PersistentTokenRepository persistentTokenRepository;
@Autowired
UserDetailsService userDetailService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().
loginPage("/login.html").
loginProcessingUrl("/login").
successForwardUrl("/toMain").
// successHandler(new MyAuthenticationSuccessHandler("main.html")).
failureHandler(new MyAuthenticationFailureHandler("logError.html"));
// failureForwardUrl("/toError");
http.authorizeRequests()
.antMatchers("/login.html","/logError.html").permitAll()
.antMatchers("/images/**").permitAll()
.antMatchers("/demo").permitAll()
//.antMatchers("/mian2.html").hasIpAddress("127.0.0.1")
.antMatchers("/mian2.html").hasRole("s")
// .regexMatchers("/demo").permitAll()
.anyRequest().authenticated();
http.exceptionHandling().accessDeniedHandler(myAccessDeniedHandler);
http.csrf().disable();
http.rememberMe()
//设置数据源
.tokenRepository(persistentTokenRepository())
//设置过期时间
.tokenValiditySeconds(60)
//设置自定义登录逻辑
.userDetailsService(userDetailService);
}
@Bean
public PasswordEncoder get() {
return new BCryptPasswordEncoder();
}
@Bean
public PersistentTokenRepository persistentTokenRepository(){
JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
jdbcTokenRepository.setDataSource(dataSource);
jdbcTokenRepository.setCreateTableOnStartup(true);
return jdbcTokenRepository;
}
}
![img](https://img-mid.csdnimg.cn/release/static/image/mid/ask/583860181346177.png "#left")
还有这个PersistentTokenRepository不注释时也是循环依赖
![img](https://img-mid.csdnimg.cn/release/static/image/mid/ask/899451181346126.png "#left")