[英]Integrating Spring boot with Spring Security
Here's my application class. 这是我的应用程序类。
@SpringBootApplication
@ComponentScan({"org.app.genesis.client.controller","org.app.genesis.commons.service",
"org.app.genesis.commons.security","org.app.genesis.inventory.service","org.app.genesis.client.auth"})
@EnableJpaRepositories(basePackages = "org.app.genesis.*.repo")
@EntityScan(basePackages = "org.app.genesis.*.model")
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
ApplicationContext ctx = SpringApplication.run(Application.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
..other configs here
@Configuration
@EnableWebSecurity
@ComponentScan({"org.app.genesis.client.auth"})
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AuthenticationProvider customAuthProvider;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthProvider);
}
}
}
However whenever I build the app. 但是,每当我构建应用程序时。 it always throw this exception
它总是抛出这个异常
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:1.2.3.RELEASE:run (default-cli) on project app-client-webapp: An exception occured while running. null:
InvocationTargetException: Unable to start embedded container; nested exception is org.springframework.boot.context.embedded.EmbeddedServletContainerException: Unable to start embedded Tomcat: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void `org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.setFilterChainProxySecurityConfigurer(org.springframework.security.config.annotation.ObjectPostProcessor,java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.app.genesis.client.Application$SecurityConfig': Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.app`enter code here`.genesis.client.Application$SecurityConfig$$EnhancerBySpringCGLIB$$b49171d7]: No default constructor found; nested exception is java.lang.NoSuchMethodException: org.app.genesis.client.Application$SecurityConfig$$EnhancerBySpringCGLIB$$b49171d7.<init>() -> [Help 1]`
EDIT: New Spring Security Config 编辑:新的Spring Security配置
@Configuration
@EnableWebSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
protected static class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("customAuthenticationProvider")
private AuthenticationProvider customAuthProvider;
@Override
protected void configure(AuthenticationManagerBuilder auth){
auth.authenticationProvider(customAuthProvider);
}
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests().anyRequest().authenticated();
http
.formLogin().failureUrl("/login?error")
.defaultSuccessUrl("/dashboard")
.loginPage("/login")
.permitAll()
.and()
.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login")
.permitAll().and().csrf().disable();
}
}
Complete code is missing because of which I can't pin point the line which is causing this issue but I will definitely make an attempt to explain it, so that you can fix it yourself 缺少完整的代码,因为我无法指出导致此问题的那条线,但是我一定会尝试对其进行解释,以便您自己修复
@EnableWebSecurity @EnableWebSecurity
The JavaDoc documentaion:
JavaDoc文档:
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods.
将此注释添加到@Configuration类,以在任何WebSecurityConfigurer中定义Spring Security配置,或者更可能通过扩展WebSecurityConfigurerAdapter基类并覆盖单个方法来定义。
It seems like either you missed to override "configure" method of WebSecurityConfigurerAdapter base class or didn't implemented the "configureGlobal" method correctly or you may want to create a class extends AbstractSecurityWebApplicationInitializer, it will load the springSecurityFilterChain automatically. 似乎您错过了重写WebSecurityConfigurerAdapter基类的“配置”方法,或者未正确实现“ configureGlobal”方法,或者您可能想创建一个扩展AbstractSecurityWebApplicationInitializer的类,它将自动加载springSecurityFilterChain。
However I suggest you to go through the following sources and you should be able to figure out what is that you are missing. 但是,我建议您仔细阅读以下资料,您应该能够弄清所缺少的是什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.