未定义名为“ springSecurityFilterChain”的bean-Spring 4 Java配置
[英]No bean named 'springSecurityFilterChain' is defined - Spring 4 Java configuration
问题描述
Everything is working fine when it's defined in .xml files. 
在.xml文件中定义时,一切工作正常。 Now I've started migrating .xml files to java configs. 现在,我开始将.xml文件迁移到Java配置。 Security.xml is the first file which I've been migrating. Security.xml是我一直在迁移的第一个文件。
Security.xml security.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<http pattern="/scripts/**" security="none" />
<http pattern="/assets/**" security="none" />
<http auto-config="true">
<intercept-url pattern="/app/admin/**" access="ROLE_SUPER_ADMIN,ROLE_ADMIN" />
<intercept-url pattern="/app/settings/**"
access="ROLE_SUPER_ADMIN,ROLE_ADMIN" />
<intercept-url pattern="/app/**"
access="ROLE_SUPER_ADMIN,ROLE_ADMIN" />
<form-login login-page="/login" default-target-url="/main"
login-processing-url="/session" username-parameter="UserName"
password-parameter="Password" always-use-default-target="true"
authentication-success-handler-ref="authenticationSuccess"
authentication-failure-handler-ref="authenticationFailure" />
<logout logout-url="/app/logout" delete-cookies="JSESSIONID"
invalidate-session="true" logout-success-url="/login" />
</http>
<beans:bean id="authenticationSuccess"
class="com.comp.site.config.AuthenticationSuccess" />
<beans:bean id="authenticationFailure"
class="com.comp.site.config.AuthenticationFailure" />
<beans:bean id="userDao"
class="com.comp.site.dao.hibernate.UserDaoHibernate" />
<beans:bean class="com.comp.security.AuthenticationProvider"
id="authenticationProvider">
<beans:property name="userDetailsService" ref="userDao">
</beans:property>
</beans:bean>
<authentication-manager>
<authentication-provider ref="authenticationProvider" />
</authentication-manager>
<global-method-security>
<protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))"
access="ROLE_ADMIN,ROLE_SUPER_ADMIN" />
<protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))"
access="ROLE_ADMIN,ROLE_SUPER_ADMIN" />
</global-method-security>
</beans:beans>
Migrated SecurityConfig.java 迁移的SecurityConfig.java
package com.comp.springconfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import com.comp.security.AuthenticationProvider;
import com.comp.site.config.AuthenticationFailure;
import com.comp.site.config.AuthenticationSuccess;
import com.comp.site.dao.hibernate.UserDaoHibernate;
@Configuration
@EnableWebSecurity
@ComponentScan
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
AuthenticationSuccess authenticationSuccess;
@Autowired
AuthenticationFailure authenticationFailure;
@Autowired
UserDaoHibernate userDaoHibernate;
@Autowired
AuthenticationProvider authenticationProvider;
@Autowired
public void configureGlobal( AuthenticationManagerBuilder auth ) throws Exception{
auth
.authenticationProvider(authenticationProvider)
.userDetailsService(userDaoHibernate);
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/scripts/**","/assets/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authenticationProvider(authenticationProvider)
.authorizeRequests()
.antMatchers("/app/admin/**")
.hasAnyRole("ROLE_SUPER_ADMIN","ROLE_ADMIN")
.antMatchers("/app/settings/**")
.hasAnyRole("ROLE_SUPER_ADMIN","ROLE_ADMIN")
.antMatchers("/app/**")
.hasAnyRole("ROLE_SUPER_ADMIN","ROLE_ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/main", true)
.loginProcessingUrl("/session")
.usernameParameter("UserName")
.passwordParameter("Password")
.successHandler(authenticationSuccess)
.failureHandler(authenticationFailure)
.and()
.logout()
.logoutUrl("/app/logout")
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true)
.logoutSuccessUrl("/login");
}
}
I'll configure the global-method-security later, as I need to make the current configuration work first. 稍后,我将配置global-method-security ,因为我需要首先使当前配置生效。 After running the program I get the following error. 运行程序后,出现以下错误。
SEVERE: Exception starting filter securityFilter
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:694)
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1168)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:281)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:962)
at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:324)
at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:235)
at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:199)
at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:279)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:260)
at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:105)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4603)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5210)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1396)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1386)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Whenever there is some problem with the AuthenticationProvider provided, this error will happen. 只要所提供的AuthenticationProvider出现问题,就会发生此错误。 I've tried to configure AuthenticationProvided using some other steps, but none of them worked. 我尝试使用其他一些步骤来配置AuthenticationProvided,但是没有一个起作用。 Is there something wrong with my current configuration? 我当前的配置有问题吗? I think the problem lies in AuthenticationManagerBuilder configuration. 我认为问题出在AuthenticationManagerBuilder配置中。
Update 更新
web.xml web.xml中
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>site</display-name>
<distributable/>
<!-- Context Configuration locations for Spring XML files -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:/applicationContext-resources.xml
classpath:/applicationContext-dao.xml
classpath:/applicationContext-service.xml
classpath:/applicationContext.xml
</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.fallbackLocale</param-name>
<param-value>en</param-value>
</context-param>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>rewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
<!-- sets up log level (will be logged to context log)
can be: TRACE, DEBUG, INFO (default), WARN, ERROR, FATAL, log4j, commons, sysout:{level} (ie, sysout:DEBUG)
if you are having trouble using normal levels use sysout:DEBUG -->
<init-param>
<param-name>logLevel</param-name>
<param-value>commons</param-value>
</init-param>
<!-- set the amount of seconds the conf file will be checked for reload
can be a valid integer (0 denotes check every time,
-1 denotes no reload check, default -1) -->
<init-param>
<param-name>confReloadCheckInterval</param-name>
<param-value>-1</param-value>
</init-param>
</filter>
<filter>
<filter-name>securityFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>springSecurityFilterChain</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>rewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<!-- CONTEXT LISTENERS -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>com.comp.site.listener.StartupListener</listener-class>
</listener>
<!-- SESSION CONFIGURATION -->
<session-config>
<session-timeout>15</session-timeout>
<cookie-config>
<http-only>true</http-only>
<!--<secure>true</secure>-->
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
<!-- SPRING SERVLETS DEFININTIONS -->
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
</web-app>
Path of security.xml is /WEB-INF/security.xml which I've deleted it from Web.xml after writing Java configuration security.xml的路径是/WEB-INF/security.xml ,在编写Java配置后已将其从Web.xml中删除。
2 个解决方案
解决方案1
0 2015-10-06 04:38:20
删除所有与“ securityFilter”相关的内容,然后让Spring Security为您自动配置它们。
解决方案2
0 2015-11-06 09:56:20
When you add @EnableWebSecurity to a class, spring security creates springSecurityFilterChain bean with several other security beans. 当您将@EnableWebSecurity添加到类时,Spring Security会与其他几个springSecurityFilterChain Bean一起创建springSecurityFilterChain bean。 As you already have this annotation on your java configuration that means springSecurityFilterChain bean will get created and placed in ApplicationContext at setup time. 由于在Java配置上已经具有此批注,这意味着springSecurityFilterChain bean将在安装时创建并放置在ApplicationContext中。 To avoid this error you need to make sure that your java configuration is getting scanned properly. 为了避免此错误,您需要确保正确扫描了Java配置。 Also add your filter in web.xml as given below. 还要在web.xml中添加过滤器,如下所示。
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
“未定义名为'springSecurityFilterChain'的bean” Java Config Spring安全性 - “No bean named 'springSecurityFilterChain' is defined” Java Config Spring security
java配置的春季安全性,未定义名为“ springSecurityFilterChain”的bean错误 - spring security with java config , No bean named 'springSecurityFilterChain' is defined error
spring mvc没有定义名为'springSecurityFilterChain'的bean - spring mvc No bean named 'springSecurityFilterChain' is defined
Spring Security-未定义名为“ springSecurityFilterChain”的Bean - Spring Security - No bean named 'springSecurityFilterChain' is defined
没有定义名为“ springSecurityFilterChain”的bean Java配置 - No bean named 'springSecurityFilterChain' is defined Java Config
没有定义名为“ springSecurityFilterChain”的bean - No bean named 'springSecurityFilterChain' is defined
org.springframework.beans.factory.NoSuchBeanDefinitionException:未定义名为“ springSecurityFilterChain”的bean-基于Java的配置 - org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined - Java Based Configuration
Spring 4 Spring Security 3.2.2没有定义名为“ springSecurityFilterChain”的bean - Spring 4 Spring Security 3.2.2 No bean named 'springSecurityFilterChain' is defined
JavaConfig 没有定义名为“springSecurityFilterChain”的 bean - JavaConfig No bean named 'springSecurityFilterChain' is defined
Web.xml和Java Config的组合未定义名为“ springSecurityFilterChain”的bean - No bean named 'springSecurityFilterChain' is defined in combination of Web.xml and Java Config
相关标签