[英]Spring Security: Error while upgrading the deprecated WebSecurityConfigurerAdapter in Spring Boot 2.7.2
我正在嘗試將 spring 引導版本從 2.1.7.RELEASE 升級到 2.7.2。 版本更改后,我看到 WebSecurityConfigurerAdapter 已棄用。 當前配置如下所示。
@EnableOAuth2Sso
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfigure extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests()
.antMatchers(HttpMethod.POST, "**/api/**").permitAll()
.antMatchers(HttpMethod.GET, "**/api/**").permitAll()
.anyRequest().authenticated().and()
.csrf().disable()
.sessionManagement().maximumSessions(-1).sessionRegistry(sessionRegistry());
http.headers().frameOptions().sameOrigin();
TransactionSynchronizationManager.setActualTransactionActive(true);
}
}
在遵循這個遷移指南 - Spring Security without the WebSecurityConfigurerAdapter 之后,我修改了代碼如下。
@EnableOAuth2Sso
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfigure {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().antMatchers(HttpMethod.POST, "**/api/**").permitAll()
.antMatchers(HttpMethod.GET, "**/api/**").permitAll().anyRequest().authenticated().and().csrf()
.disable().sessionManagement().maximumSessions(-1).sessionRegistry(sessionRegistry());
http.headers().frameOptions().sameOrigin();
TransactionSynchronizationManager.setActualTransactionActive(true);
return http.build();
}
}
更改后,我在啟動應用程序時收到此錯誤。
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one.
我正在使用 spring 安全 oauth2 來啟用 SSO
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
我高度懷疑@EnableOAuth2Sso錯誤背后的原因。 任何幫助,將不勝感激。
如異常所示,因為@EnableOAuth2Sso導入OAuth2SsoDefaultConfiguration它擴展WebSecurityConfigurerAdapter您可以使用 dsl http.oauth2Login()而不是使用@EnableOAuth2Sso
Spring Boot Security OAuth2:WebSecurityConfigurerAdapter:302重定向到/ error
[英]Spring Boot Security OAuth2: WebSecurityConfigurerAdapter: 302 Redirect to /error
用於CSRF的Spring Boot Security XML與WebSecurityConfigurerAdapter
[英]Spring Boot Security XML vs WebSecurityConfigurerAdapter for CSRF
沒有 WebSecurityConfigurerAdapter 的 Spring Security
[英]Spring Security without the WebSecurityConfigurerAdapter
如何在 Spring Boot 2.7 中使用 userDetailsService 更新已棄用的 WebSecurityConfigurerAdapter
[英]How to update deprecated WebSecurityConfigurerAdapter with userDetailsService in Spring Boot 2.7
Spring Security WebSecurityConfigurerAdapter特殊字符
[英]Spring Security WebSecurityConfigurerAdapter special characters
Spring Security WebSecurityConfigurerAdapter配置問題
[英]Spring security WebSecurityConfigurerAdapter configuration issue
Spring Boot permitAll 在 WebSecurityConfigurerAdapter 中不起作用
[英]Spring Boot permitAll not working in WebSecurityConfigurerAdapter
在 Spring Boot 中為 ResourceServerConfigurerAdapter 替換 WebSecurityConfigurerAdapter
[英]Replace WebSecurityConfigurerAdapter in Spring boot for ResourceServerConfigurerAdapter
如何修復升級到Spring Boot 3.0.0時WebSecurityConfigurerAdapter報錯?
[英]How to fix error of WebSecurityConfigurerAdapter when upgrade to Spring Boot 3.0.0?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.