spring - 在corda中使用spring security的基本身份验证

问题描述

我正在尝试使用弹簧安全性为 Corda 中的 api 添加基本身份验证。
在集成弹簧安全性之前，cordapp 运行良好。
集成后，它会抛出一个或另一个错误。

如果只运行一个 Spring Boot 模板，则不会引发错误。我相信错误在 nodeRPCConnection 文件中。

这是被抛出的错误。

W 12:51:44 1 AnnotationConfigServletWebServerApplicationContext.refresh - Exception 
encountered during context initialization - cancelling refresh attempt: 
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 
'inMemoryUserDetailsManager' defined in class path resource 
[org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.class]: 
Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException
: Failed to instantiate 
[org.springframework.security.provisioning.InMemoryUserDetailsManager]: Factory method 
'inMemoryUserDetailsManager' threw exception; nested exception
is java.lang.NoSuchMethodError:
org.springframework.security.core.userdetails.User.withUsername(Ljava/lang/String;)
Lorg/springframework/security/core/userdetails/User$UserBuilder;

I 12:51:44 1 AnnotationMBeanExporter.destroy - Unregistering JMX-exposed beans on shutdown
W 12:51:44 1 CommonAnnotationBeanPostProcessor.postProcessBeforeDestruction - Invocation of 
destroy method failed on bean with name 'nodeRPCConnection': kotlin.UninitializedP
ropertyAccessException: lateinit property rpcConnection has not been initialized
I 12:51:44 1 StandardService.log - Stopping service [Tomcat]
I 12:51:44 1 ConditionEvaluationReportLoggingListener.logAutoConfigurationReport -

基本认证配置

@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
open class BasicAuthConfig : WebSecurityConfigurerAdapter() {
    override fun configure(http: HttpSecurity) {
        http
            .csrf().disable()
            .authorizeRequests()
            .antMatchers("/api/**").authenticated()
            .anyRequest().authenticated()
            .and()
            .httpBasic()
            .and()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
    }

    @Autowired
    fun configureGlobal(auth: AuthenticationManagerBuilder) {
        auth.inMemoryAuthentication()
            .withUser("admin")
            .password("{noop}root")
            .roles("ADMIN")
   }

}

节点RPC连接

@Component
open class NodeRPCConnection(
        @Value("\${$CORDA_NODE_HOST}") private val host: String,
        @Value("\${$CORDA_USER_NAME}") private val username: String,
        @Value("\${$CORDA_USER_PASSWORD}") private val password: String,
        @Value("\${$CORDA_RPC_PORT}") private val rpcPort: Int): AutoCloseable {

    lateinit var rpcConnection: CordaRPCConnection
        private set
    lateinit var proxy: CordaRPCOps
        private set

    @PostConstruct
    fun initialiseNodeRPCConnection() {
            val rpcAddress = NetworkHostAndPort(host, rpcPort)
            val rpcClient = CordaRPCClient(rpcAddress)
            val rpcConnection = rpcClient.start(username, password)
            proxy = rpcConnection.proxy
    }

    @PreDestroy
    override fun close() {
        rpcConnection.notifyServerAndClose()
    }
}

标签： springspring-bootkotlinspring-securitycorda