Ver*_*ric 8 java spring spring-security spring-boot spring-security-oauth2
我正在尝试使用 spring boot 2.1.1 和 spring sec 5 作为 OAuth2 资源服务器的演示项目,但是当我尝试运行以下命令时
环境评价
Spring 安全核心 5.1.2
爪哇 8
代码
@RestController
@SpringBootApplication
// @EnableResourceServer
public class MyApplication {
public static void main(String[] args) {
SpringApplication.run(MyApplication.class, args);
}
@GetMapping("/hello")
public String sayHello() {
return "Hello World";
}
@Configuration
static class MyWebSecurityConfigurerAdapter extends
WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests().anyRequest().authenticated()
.and()
.oauth2ResourceServer().jwt(); // <--- throws error
}
}
}
哪个抛出错误
工厂方法“springSecurityFilterChain”抛出异常;嵌套异常是 java.lang.NoClassDefFoundError: org/springframework/security/oauth2/server/resource/web/access/BearerTokenAccessDeniedHandler
建造
我的依赖项看起来像
dependencies {
implementation('org.springframework.boot:spring-boot-starter-web')
implementation('org.springframework.boot:spring-boot-starter-security')
implementation(group: 'org.springframework.security.oauth.boot', name: 'spring-security-oauth2-autoconfigure', version: '2.1.1.RELEASE')
implementation(group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.3.4.RELEASE')
}
我也是。
但我在 org.springframework.boot:spring-boot-starter-oauth2-resource-server
顺便说一句,我导入了org.springframework.boot:spring-boot-starter-oauth2-resource-server包并使用:
http
.authorizeRequests()
.antMatchers("/**").hasAnyRole("admin")
.anyRequest().authenticated();
//.and()
//.oauth2ResourceServer() don't use it,
//.jwt();
// Do not use it, otherwise you must define
// jwtDecoderByIssuerUri or jwtDecoderByJwkKeySetUri
如果要启用oauth2ResourceServer,可能需要等待 Spring Security 5.3.x。
也许它与下一代-oauth-2-0-support-with-spring-security有关
| 归档时间: |
|
| 查看次数: |
7988 次 |
| 最近记录: |