![](/img/trans.png)
[英]Cannot access javax.servlet.Filter class file for javax.servlet.Filter not found
[英]Spring Security – cannot access javax.servlet.Filter
我正在使用 Spring Security 编写具有基本身份验证和授权的 Spring Boot 项目。 我有一个扩展 WebSecurityConfigurerAdapter 的配置WebSecurityConfigurerAdapter
(我想稍后摆脱它,因为它已被弃用)。 所以,我的配置 class 看起来像这样:
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("spring_user")
.password("password123")
.roles("ADMIN");
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authz) -> authz.anyRequest().authenticated())
.httpBasic(Customizer.withDefaults());
return http.build();
}
@Bean
public static PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
pom.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.0.1</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.codelib</groupId>
<artifactId>basic-auth-security</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>basic-auth-security</name>
<description>basic-auth-security</description>
<properties>
<java.version>17</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>5.7.3</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
请注意,我有spring-boot-starter-web
依赖项。
项目的rest没有什么有趣的。 当我尝试运行该应用程序时,显示以下消息:
java: cannot access javax.servlet.Filter
class file for javax.servlet.Filter not found
IDEA 将我重定向到配置文件。 (但没有代码行带有红色下划线)
这可能是什么原因造成的?
所以,解决方案很简单。 如果您要迁移到 Spring 6,您应该摆脱使用WebSecurityConfigurerAdapter
class 并在没有它的情况下配置您的安全性。
我已经编写了一个新配置(它执行相同的操作以及问题中提供的配置),现在它看起来像这样:
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
.httpBasic(Customizer.withDefaults())
.formLogin(Customizer.withDefaults());
return http.build();
}
@Bean
public UserDetailsService userDetailsService() {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
UserDetails user = User
.withUsername("spring_user")
.password(encoder.encode("password123"))
.roles("USER")
.build();
return new InMemoryUserDetailsManager(user);
}
}
这是 Spring Security 6 提供基本身份验证、默认密码编码器(推荐使用)和内存用户所需的最低配置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.