完成-Spring Security JWT Token_Key
[英]Done - Spring Security JWT Token_Key
問題描述
我在Spring Security / Boot(1.2.5)和JWT上遇到問題。
首先,我有一個正在運行的使用JWT的Auth-Server。 我已經可以對其進行測試並啟用/ oauth / token_key資源。
# curl -u client_id:client_secret http://localhost:8080/oauth/token_key
{"alg":"SHA256withRSA","value":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiGB\n-----END PUBLIC KEY-----"}
在春季啟動“ 28.1.2資源服務器”的文檔( http://docs.spring.io/spring-boot/docs/current-SNAPSHOT/reference/html/boot-features-security.html )中,有一個配置名為“ security.oauth2.resource.jwt.key-uri”的條目。 這樣,應該可以從給定的uri加載公鑰。 與我在此處輸入的內容無關,結果始終是以下異常:
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityFilterChainRegistration' defined in class path resource [org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.class]: Unsatisfied dependency expressed through constructor argument with index 0 of type [javax.servlet.Filter]: : Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.setFilterChainProxySecurityConfigurer(org.springframework.security.config.annotation.ObjectPostProcessor,java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.setAuthenticationConfiguration(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration); nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.setGlobalAuthenticationConfigurers(java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'springBootAuthenticationConfigurerAdapter' defined in class path resource [org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.class]: Unsatisfied dependency expressed through constructor argument with index 0 of type [org.springframework.boot.autoconfigure.security.SecurityProperties]: : Error creating bean with name 'securityProperties': Could not bind properties to [unknown] (target=security, ignoreInvalidFields=false, ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Cannot access indexed value in property referenced in indexed property path 'oauth2[client][accessTokenUri]'; nested exception is org.springframework.beans.NotReadablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'oauth2[client][accessTokenUri]' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityProperties': Could not bind properties to [unknown] (target=security, ignoreInvalidFields=false, ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Cannot access indexed value in property referenced in indexed property path 'oauth2[client][accessTokenUri]'; nested exception is org.springframework.beans.NotReadablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'oauth2[client][accessTokenUri]' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.setFilterChainProxySecurityConfigurer(org.springframework.security.config.annotation.ObjectPostProcessor,java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.setAuthenticationConfiguration(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration); nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.setGlobalAuthenticationConfigurers(java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'springBootAuthenticationConfigurerAdapter' defined in class path resource [org/springframework/boot/autoconfigure/security/AuthenticationManagerConfiguration.class]: Unsatisfied dependency expressed through constructor argument with index 0 of type [org.springframework.boot.autoconfigure.security.SecurityProperties]: : Error creating bean with name 'securityProperties': Could not bind properties to [unknown] (target=security, ignoreInvalidFields=false, ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Cannot access indexed value in property referenced in indexed property path 'oauth2[client][accessTokenUri]'; nested exception is org.springframework.beans.NotReadablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'oauth2[client][accessTokenUri]' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityProperties': Could not bind properties to [unknown] (target=security, ignoreInvalidFields=false, ignoreUnknownFields=false, ignoreNestedProperties=false); nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Cannot access indexed value in property referenced in indexed property path 'oauth2[client][accessTokenUri]'; nested exception is org.springframework.beans.NotReadablePropertyException: Invalid property 'oauth2[client][accessTokenUri]' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'oauth2[client][accessTokenUri]' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?
at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:749)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:464)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1119)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1014)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:303)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:299)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.boot.context.embedded.ServletContextInitializerBeans.getOrderedBeansOfType(ServletContextInitializerBeans.java:209)
at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addServletContextInitializerBeans(ServletContextInitializerBeans.java:85)
at org.springframework.boot.context.embedded.ServletContextInitializerBeans.<init>(ServletContextInitializerBeans.java:73)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.getServletContextInitializerBeans(EmbeddedWebApplicationContext.java:234)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.selfInitialize(EmbeddedWebApplicationContext.java:221)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.access$000(EmbeddedWebApplicationContext.java:84)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext$1.onStartup(EmbeddedWebApplicationContext.java:206)
at org.springframework.boot.context.embedded.tomcat.TomcatStarter.onStartup(TomcatStarter.java:54)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5156)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1409)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1399)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
有任何想法嗎?
最好的問候,堆棧
1 個解決方案
解決方案1
0 已采納 2015-07-22 19:16:30
正如用戶M. Deinum在其答案中告訴的那樣,OAuth2自動配置支持僅在Spring Boot的1.3版中添加,因此您需要對其進行更新才能使用它。
通過Spring Boot Security在REST API中強制執行正確的API密鑰和JWT用戶令牌
[英]Enforce both correct API Key and JWT User Token in REST API with Spring Boot Security
Spring 使用 JWT 令牌的安全性正在加載 spring 用戶詳細信息 ZA8CFDE6331BD59EB2AC966F8911C4B on every request
[英]Spring Security with JWT token is loading spring UserDetails object on every request
CrossOrigin 與 http 安全性在 Spring 引導中使用 jwt 令牌
[英]CrossOrigin with http security using jwt token in Spring boot
Spring Boot Security Context在使用JWT令牌時返回null
[英]Spring Boot Security Context return null when using a JWT token
spring 安全與 jwt 令牌返回 401 html 頁面不是 Z466DEEC76ECDF5FCA4D5438571FZ2
[英]spring security with jwt token returns 401 html page not json
Java spring 安全 | JWT csrf 令牌在 /login 上不起作用
[英]Java spring Security | JWT csrf token doesn't work on /login
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
使用 JWT 令牌安全性進行 Spring Boot 單元測試
Spring Security JWT刷新令牌未到期
通過Spring Boot Security在REST API中強制執行正確的API密鑰和JWT用戶令牌
Spring 使用 JWT 令牌的安全性正在加載 spring 用戶詳細信息 ZA8CFDE6331BD59EB2AC966F8911C4B on every request
生成自定義jwt令牌並驗證用戶,Spring Security
CrossOrigin 與 http 安全性在 Spring 引導中使用 jwt 令牌
Spring Boot Security Context在使用JWT令牌時返回null
Spring Security OAuth2 JWT令牌中繼問題
spring 安全與 jwt 令牌返回 401 html 頁面不是 Z466DEEC76ECDF5FCA4D5438571FZ2
Java spring 安全 | JWT csrf 令牌在 /login 上不起作用
相關標簽