stackoom
  简体   繁体   中英

EnableWebSecurity annotation gives error at spring-security-oauth2

 原文  2020-03-26 12:31:24       java/ spring-security/ oauth-2.0/ spring-security-oauth2

Question

I am using Spring Boot including Spring 2.1.2 Release Security and using KeyCloak Oauth2.0. But when I restart the application I got the following error.

Parameter 0 of method tokenRelayGatewayFilterFactory in org.springframework.cloud.security.oauth2.gateway.TokenRelayAutoConfiguration required a bean of type 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' that could not be found. 

    The following candidates were found but could not be injected:
  - Bean method 'authorizedClientRepository' in 'ReactiveOAuth2ClientAutoConfiguration' not loaded because NoneNestedConditions 1 matched 0 did not; NestedCondition on     ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.ServletApplicationCondition found 'session' scope

 Action:

Consider revisiting the entries above or defining a bean of type 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' in your configuration.

You can find pom.xml ,application.yml and the SecurityConfig before. The problem happens when I extend WebSecurityConfigurerAdapter. Do you think I should make some changes on pom.xml or the class itself ? Thank you for your helps.

pom.xml 

 <dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-actuator</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-webflux</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-gateway</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-redis</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-consul-discovery</artifactId>
    </dependency>
    <dependency>
        <groupId>de.siegmar</groupId>
        <artifactId>logback-gelf</artifactId>
        <version>1.1.0</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-zipkin</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-oauth2-client</artifactId>
    </dependency>


    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>io.projectreactor</groupId>
        <artifactId>reactor-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>au.com.dius</groupId>
        <artifactId>pact-jvm-consumer-junit_2.11</artifactId>
        <version>3.5.0</version>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <!--START: OAUTH2 Client for Authorization Code-->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-oauth2-client</artifactId>
    </dependency>

    <!--Auto Configure Oauth Spring Security Stuff-->
    <dependency>
        <groupId>org.springframework.security.oauth.boot</groupId>
        <artifactId>spring-security-oauth2-autoconfigure</artifactId>
    </dependency>
    <!--END-->

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-webflux</artifactId>
    </dependency>

    <!--START: Thymeleaf configs, no need to add those if you are not using thymeleaf-->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>

    <dependency>
        <groupId>org.thymeleaf.extras</groupId>
        <artifactId>thymeleaf-extras-springsecurity5</artifactId>
    </dependency>
    <!--END-->

    <!--START: Eureka Client Config-->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
    </dependency>
    <!--END-->





</dependencies>

part of application.yaml 

         routes:
            - id:myApp
              uri: http://localhost:5287
              predicates:
                  - Path=/keycloak-oidc-code/**
              filters:
                  - TokenRelay=
                  - RemoveRequestHeader=Cookie

SecurityConfig.java

@Configuration
@EnableWebSecurity
public class SecurityConfig.java extends WebSecurityConfigurerAdapter {
    
  @Override
  public void configure( HttpSecurity http ) throws Exception
    { //TODO
      http
        .authorizeRequests( )
        .anyRequest( ).authenticated( )
        .antMatchers( "/login**", "/error**" ).permitAll( ).and( )
        .oauth2Login( );
    }
}

1 answers

solution1
 2 ACCPTED  2020-03-27 13:13:07

You are using Reactive Spring modules (WebFlux, Spring-Cloud-Gateway). So, the security configuration cannot be traditional way. You need to setup your security configuration like below;

@EnableWebFluxSecurity
public class MySecurityConfiguration {

    @Bean
    public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
        return http.authorizeExchange().pathMatchers("/login**", "/error**").permitAll()
    .anyExchange().authenticated().and().oauth2Login().and().build();;
    }

}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question No Bean for ResourceServerTokenServices found - Spring-Security-Oauth2 Understanding spring-security-oauth2 @EnableAuthorizationServer grant_type in Spring-Security-OAuth2 Insteate custom OAuth2User in spring-security-oauth2 causes deserialize error How to test spring-security-oauth2 resource server security? Spring security's @EnableWebSecurity vs oauth's @EnableResourceServer SSO using spring-security-oauth2 : Authentication Code never read Spring-Security-Oauth2: Full authentication is required to access this resource Documentation on creating a spring-security-oauth2 client using java config Spring-Security-Oauth2: Default login success url
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM