堆棧內存溢出
  簡體   English   中英

找不到用於ResourceServerTokenServices的Bean-Spring-Security-Oauth2

[英]No Bean for ResourceServerTokenServices found - Spring-Security-Oauth2

 原文  2014-11-22 15:36:05       java/ spring/ rest/ oauth-2.0/ spring-boot

問題描述

我正在用spring-boot構建一個示例項目,只是為了學習一些東西。
具體來說,我正在嘗試集成spring-security-oauth2模塊來保護我的其余服務。 我跟隨着這個示例項目,該示例項目顯示了一個非常簡單的內存登錄系統: https : //github.com/royclarkson/spring-rest-service-oauth
它有效,這很好。
無論如何,當我嘗試將其集成到應用程序中時,出現以下異常: 

...    
Caused by: java.lang.IllegalStateException: Could not wire ResourceServerTokenServices: please create a bean definition and mark it as @Primary.
        at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.resolveTokenServices(ResourceServerConfiguration.java:170) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na]
        at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.configure(ResourceServerConfiguration.java:140) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:199) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:283) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:68) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration$$EnhancerByCGLIB$$71f30f65.init(<generated>) ~[spring-core-4.0.1.RELEASE.jar:na]
        at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:367) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:320) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:39) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:92) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.CGLIB$springSecurityFilterChain$3(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f$$FastClassByCGLIB$$ffddf00e.invoke(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
        at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.0.1.RELEASE.jar:4.0.1.RELEASE]
        at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:326) ~[spring-context-4.0.1.RELEASE.jar:4.0.1.RELEASE]
        at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.springSecurityFilterChain(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0]
        at java.lang.reflect.Method.invoke(Method.java:483) ~[na:1.8.0]
        at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:166) ~[spring-beans-4.0.1.RELEASE.jar:4.0.1.RELEASE]
        ... 27 common frames omitted

據我所知,ResourceServerTokenServices的DefaultTokenServices實現應准備使用,而無需進一步實現(針對這種簡單情況)。 我錯了嗎?

以下代碼片段是我的oauth配置類:

AuthorizationServerConfiguration: 

@Configuration @EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    private TokenStore tokenStore = new InMemoryTokenStore();

    @Inject
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Inject
    private ResourceIdProvider resourceIdProvider;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
            .tokenStore(tokenStore)
            .authenticationManager(authenticationManager);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
            .inMemory()
            .withClient("clientapp")
            .authorizedGrantTypes("password", "refresh_token")
            .authorities("USER")
            .scopes("read", "write")
            .resourceIds(this.resourceIdProvider.getResourceId())
            .secret("123456");
    }

    @Bean
    public ResourceServerTokenServices tokenServices() {
        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setTokenStore(this.tokenStore);
        return tokenServices;
    } }

ResourceServerConfigurationImpl: 

@Configuration @EnableResourceServer
public class ResourceServerConfigurationImpl extends ResourceServerConfigurerAdapter {

    @Inject
    private ResourceIdProvider resourceIdProvider;

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(this.resourceIdProvider.getResourceId());
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
            .antMatchers("/rest/user")
            .authenticated();
    } }

InMemoryWebSecurityConfiguration: 

@Configuration @EnableWebSecurity
public class InMemoryWebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
            .withUser("roy")
            .password("spring")
            .roles("USER");
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

}

有人可以幫我運行這個程序嗎?
如果您需要更多代碼,請告訴我。
提前致謝!

2 個解決方案

解決方案1
 2 已采納  2014-11-22 18:31:07

錯誤消息中有提示(將令牌服務標記為@Primary)。 那應該工作。 另外(我認為),您可以將TokenStore注入ResourceServerConfigurer並與其余上下文共享。

解決方案2
 0  2014-12-18 17:20:34

從2.0.5-RELEASE版本開始,我遇到了同樣的問題,但在2.0.4-BUILD-SNAPSHOT上卻沒有發生。 我在這里打開了一個問題: https : //github.com/spring-projects/spring-security-oauth/issues/342

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 了解spring-security-oauth2 @EnableAuthorizationServer Spring-Security-OAuth2中的grant_type 如何測試spring-security-oauth2資源服務器安全性? 使用spring-security-oauth2的SSO:永遠不會讀取身份驗證代碼 如何使用 redis 使用 spring-security-oauth2 來持久化令牌 如何處理spring-security-oauth2的版本升級? Spring-Security-Oauth2:訪問此資源需要完全身份驗證 EnableWebSecurity 注釋在 spring-security-oauth2 處給出錯誤 使用java config創建spring-security-oauth2客戶端的文檔 Spring-Security-Oauth2:默認登錄成功url
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM