Zoh*_*han 4 java spring-mvc spring-security oauth-2.0 spring-boot
所以我一直在尝试在一个简单的Spring MVC应用程序中实现oAuth2.
在我关注的指南中,AuthorizationServerConfigurerAdapter他们@Autowired是一个AuthenticationManager.他们使用Spring Boot 1.5.2版.
我想使用Spring Boot 2.0.0,因为这是最新版本,所以我想学习最新的实践.但是,当我改变时,在我的pom.xml中:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
至:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
突然间,我无法自动装配AuthenticationManager.
Could not autowire. No beans of 'AuthenticationManager' type found.
有人可以提出解决方案吗?
谢谢!
erh*_*glu 18
如果要继续启动启动程序包,根据发行说明, 您需要覆盖authanticationManagerBean内部的方法WebSecurityConfigurerAdapter.代码示例:
@Configuration
@EnableWebSecurity
public static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
在最新版本的 Spring Boot 中2.7.2,类WebSecurityConfigurerAdapter已被弃用,您必须使用新的样式来编写安全配置,
没有 WebSecurityConfigurerAdapter 的 Spring Security
话虽这么说,下面的内容对我来说适用于 Spring Boot 2.7.2。我有一个 JWT 令牌过滤器,需要插入它来验证传入的 JWT 令牌。SecurityFilterChain 试图突出显示 - &的用法AuthenticationConfiguration
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.RequestMatcher;
//import my custom jwt class package;
import lombok.RequiredArgsConstructor;
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class WebSecurityConfig {
private final AuthenticationConfiguration authConfiguration;
@Bean
public AuthenticationManager authenticationManager() throws Exception {
return authConfiguration.getAuthenticationManager();
}
@Autowired
public void configure(AuthenticationManagerBuilder builder, AuthenticationProvider jwtAuthenticationProvider) {
builder.authenticationProvider(jwtAuthenticationProvider);
}
@Bean
public SecurityFilterChain configure(HttpSecurity http, AuthenticationEntryPoint authenticationEntryPoint,
RequestMatcher requestMatcher)
throws Exception {
http.cors().and().csrf().disable().exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers(HttpMethod.GET, List.of("/favicon.ico", "/**/*.html").toArray(new String[0])).permitAll();
AbstractAuthenticationProcessingFilter jwtFilter = new MyCustomClass(requestMatcher);
jwtFilter.setAuthenticationManager(authenticationManager());
http.addFilterBefore(jwtFilter, BasicAuthenticationFilter.class);
return http.build();
}
}
| 归档时间: |
|
| 查看次数: |
4858 次 |
| 最近记录: |