在 Jetty 上使用 Spring Boot 和 Spring MVC Rest API 配置 Spring 安全性

【问题标题】:Configuration of Spring security with Spring boot and a Spring MVC Rest API on Jetty在 Jetty 上使用 Spring Boot 和 Spring MVC Rest API 配置 Spring 安全性
【发布时间】:2014-07-19 00:59:11
【问题描述】:

我目前正在使用 Jetty 上托管的 spring boot 和 spring mvc 制作一个 Rest API。此时一切正常。现在我想添加弹簧安全性,但它会引发异常:

FAILED org.springframework.boot.context.embedded.jetty.ServletContextInitializerConfiguration$InitializerListener@36895c35: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception] threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.setGlobalAuthenticationConfigurers(java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.boot.autoconfigure.security.AuthenticationManagerConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private java.util.List org.springframework.boot.autoconfigure.security.AuthenticationManagerConfiguration.dependencies; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityProperties': Could not bind properties; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'bean' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'bean' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?

这是我的主要课程:

@Configuration
@ComponentScan
@EnableAutoConfiguration
@PropertySource({"classpath:configuration.properties"})
@Import({ApplicationConfig.class, SecurityConfig.class})
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

    @Autowired
    private Environment environment;

    public Environment getEnvironment() {
        return environment;
    }

    public void setEnvironment(Environment environment) {
        this.environment = environment;

    }

}

这是我的应用程序配置

@EnableWebMvc
@Configuration
@EnableTransactionManagement
public class ApplicationConfig {

    @Autowired
    private Environment environment;

    public Environment getEnvironment() {
        return environment;
    }

    public void setEnvironment(Environment environment) {
        this.environment = environment;

    }


    @Bean(name = "dataSource")
    public DriverManagerDataSource getDataSource() {
        DriverManagerDataSource driverManagerDataSource = new DriverManagerDataSource();
        driverManagerDataSource.setDriverClassName(this.getEnvironment().getProperty("database.driver"));
        driverManagerDataSource.setUrl(this.getEnvironment().getProperty("database.url"));
        driverManagerDataSource.setUsername(this.getEnvironment().getProperty("database.username"));
        driverManagerDataSource.setPassword(this.getEnvironment().getProperty("database.password"));
        return driverManagerDataSource;
    }

    @Bean(name = "sessionFactory")
    public SessionFactory getSessionFactory() {
        LocalSessionFactoryBuilder builder = new LocalSessionFactoryBuilder(this.getDataSource());
        builder.scanPackages("apt.model").addProperties(this.getHibernateProperties());
        return builder.buildSessionFactory();
    }

    private Properties getHibernateProperties() {
        Properties prop = new Properties();
        prop.put("hibernate.format_sql", this.getEnvironment().getProperty("database.verbose"));
        prop.put("hibernate.show_sql", this.getEnvironment().getProperty("database.verbose"));
        prop.put("hibernate.dialect", this.getEnvironment().getProperty("database.dialect"));
        prop.put("hbm2ddl.auto", this.getEnvironment().getProperty("database.hbm2ddl"));
        prop.put("c3p0.min_size", "5");
        prop.put("c3p0.max_size", "50");
        prop.put("c3p0.timeout", "300");
        prop.put("c3p0.max_statements", "50");
        prop.put("c3p0.idle_test_period", "3000");
        return prop;
    }

    @Bean(name = "txManager")
    public HibernateTransactionManager getTransactionManager() {
        return new HibernateTransactionManager(this.getSessionFactory());
    }

}

这里是安全配置

@Configuration
@EnableWebSecurity
@EnableAutoConfiguration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AccountService accountService;

    @Autowired
    private AuthenticationService authenticationService;

    public AccountService getAccountService() {
        return accountService;
    }

    public void setAccountService(AccountService accountService) {
        this.accountService = accountService;
    }

    public AuthenticationService getAuthenticationService() {
        return authenticationService;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    @Override
    public void setAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
        super.setAuthenticationConfiguration(authenticationConfiguration);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/**").permitAll().anyRequest().authenticated();
        http.formLogin().loginPage("/authentication/login").permitAll().and().logout().permitAll();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(this.getAuthenticationService()).passwordEncoder(this.getPasswordEncoder());
    }

    @Bean(name = "passwordEncoder")
    public PasswordEncoder getPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

}

你知道它来自哪里吗?

【问题讨论】:

    标签: spring-mvc spring-security spring-boot


    【解决方案1】:

    听起来好像您定义了一个名为 security.bean 的属性,这导致 Spring Boot 的 org.springframework.boot.autoconfigure.security.SecurityProperties 出现绑定错误。

    发生这种情况是因为SecurityProperties 使用@ConfigurationProperties(name = "security", ignoreUnknownFields = false) 进行注释并且不包含名为bean 的属性。

    简而言之,您不应该有任何以security. 开头且未在the reference 中列出的属性。

    【讨论】:

      猜你喜欢
      • 2015-09-01
      • 1970-01-01
      • 2014-02-05
      • 2016-04-19
      • 1970-01-01
      • 2018-03-09
      • 2016-05-03
      • 2018-03-12
      • 2020-09-12
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode