java - EnableWebSecurity 注释在 spring-security-oauth2 处给出错误
问题描述
我正在使用 Spring Boot,包括 Spring 2.1.2 Release Security 并使用 KeyCloak Oauth2.0。但是当我重新启动应用程序时,出现以下错误。
org.springframework.cloud.security.oauth2.gateway.TokenRelayAutoConfiguration 中的方法 tokenRelayGatewayFilterFactory 的参数 0 需要找不到类型为“org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository”的 bean。
The following candidates were found but could not be injected:
- Bean method 'authorizedClientRepository' in 'ReactiveOAuth2ClientAutoConfiguration' not loaded because NoneNestedConditions 1 matched 0 did not; NestedCondition on ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.ServletApplicationCondition found 'session' scope
Action:
Consider revisiting the entries above or defining a bean of type 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' in your configuration.
您可以在之前找到 pom.xml 、application.yml 和 SecurityConfig。当我扩展 WebSecurityConfigurerAdapter 时会出现问题。你认为我应该对 pom.xml 或类本身进行一些更改吗?谢谢你的帮助。
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-consul-discovery</artifactId>
</dependency>
<dependency>
<groupId>de.siegmar</groupId>
<artifactId>logback-gelf</artifactId>
<version>1.1.0</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zipkin</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>au.com.dius</groupId>
<artifactId>pact-jvm-consumer-junit_2.11</artifactId>
<version>3.5.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--START: OAUTH2 Client for Authorization Code-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<!--Auto Configure Oauth Spring Security Stuff-->
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
<!--END-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<!--START: Thymeleaf configs, no need to add those if you are not using thymeleaf-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<!--END-->
<!--START: Eureka Client Config-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<!--END-->
</dependencies>
application.yaml 的一部分
routes:
- id:myApp
uri: http://localhost:5287
predicates:
- Path=/keycloak-oidc-code/**
filters:
- TokenRelay=
- RemoveRequestHeader=Cookie
安全配置.java
@Configuration
@EnableWebSecurity
public class SecurityConfig.java extends WebSecurityConfigurerAdapter {
@Override
public void configure( HttpSecurity http ) throws Exception
{ //TODO
http
.authorizeRequests( )
.anyRequest( ).authenticated( )
.antMatchers( "/login**", "/error**" ).permitAll( ).and( )
.oauth2Login( );
}
}
解决方案
您正在使用 Reactive Spring 模块(WebFlux、Spring-Cloud-Gateway)。因此,安全配置不能采用传统方式。您需要设置您的安全配置,如下所示;
@EnableWebFluxSecurity
public class MySecurityConfiguration {
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().pathMatchers("/login**", "/error**").permitAll()
.anyExchange().authenticated().and().oauth2Login().and().build();;
}
}
推荐阅读
- rabbitmq - RabbitMQ HTTP API 返回 401(未经授权)
- r - 填充缺失值
- c# - 使用 .net 核心在应用程序加载的程序集中查找所有特定类型,并使用反射
- shell - 如何在csv文件的开头添加变量的值
- python - 遍历字典并将值分配给变量
- android - 接收通知
- javascript - 当没有从提供者传递任何值时,为什么 react-context 返回未定义,而不是返回默认值?
- javascript - 如何在 JEST vue-test-utils 中模拟 $el 属性?
- html - 如何在文本悬停时将视频不透明度设置为线性渐变不透明度?
- mysql - 带有 MySql DB 的 Spring Boot JPA - 映射日期以错误的日期结束(休息 1 天)