小编典典

在Jetty上使用Spring Boot和Spring MVC Rest API配置Spring安全性

spring-boot

我目前正在使用Jetty上托管的spring boot和spring mvc制作Rest
API。此时一切正常。现在我想添加spring安全性,但是它抛出一个异常:

FAILED org.springframework.boot.context.embedded.jetty.ServletContextInitializerConfiguration$InitializerListener@36895c35: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception] threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.setGlobalAuthenticationConfigurers(java.util.List) throws java.lang.Exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.boot.autoconfigure.security.AuthenticationManagerConfiguration': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private java.util.List org.springframework.boot.autoconfigure.security.AuthenticationManagerConfiguration.dependencies; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityProperties': Could not bind properties; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'bean' of bean class [org.springframework.boot.autoconfigure.security.SecurityProperties]: Bean property 'bean' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?

所以这是我的主要课程:

@Configuration
@ComponentScan
@EnableAutoConfiguration
@PropertySource({"classpath:configuration.properties"})
@Import({ApplicationConfig.class, SecurityConfig.class})
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

    @Autowired
    private Environment environment;

    public Environment getEnvironment() {
        return environment;
    }

    public void setEnvironment(Environment environment) {
        this.environment = environment;

    }

}

这是我的应用程序配置

@EnableWebMvc
@Configuration
@EnableTransactionManagement
public class ApplicationConfig {

    @Autowired
    private Environment environment;

    public Environment getEnvironment() {
        return environment;
    }

    public void setEnvironment(Environment environment) {
        this.environment = environment;

    }


    @Bean(name = "dataSource")
    public DriverManagerDataSource getDataSource() {
        DriverManagerDataSource driverManagerDataSource = new DriverManagerDataSource();
        driverManagerDataSource.setDriverClassName(this.getEnvironment().getProperty("database.driver"));
        driverManagerDataSource.setUrl(this.getEnvironment().getProperty("database.url"));
        driverManagerDataSource.setUsername(this.getEnvironment().getProperty("database.username"));
        driverManagerDataSource.setPassword(this.getEnvironment().getProperty("database.password"));
        return driverManagerDataSource;
    }

    @Bean(name = "sessionFactory")
    public SessionFactory getSessionFactory() {
        LocalSessionFactoryBuilder builder = new LocalSessionFactoryBuilder(this.getDataSource());
        builder.scanPackages("apt.model").addProperties(this.getHibernateProperties());
        return builder.buildSessionFactory();
    }

    private Properties getHibernateProperties() {
        Properties prop = new Properties();
        prop.put("hibernate.format_sql", this.getEnvironment().getProperty("database.verbose"));
        prop.put("hibernate.show_sql", this.getEnvironment().getProperty("database.verbose"));
        prop.put("hibernate.dialect", this.getEnvironment().getProperty("database.dialect"));
        prop.put("hbm2ddl.auto", this.getEnvironment().getProperty("database.hbm2ddl"));
        prop.put("c3p0.min_size", "5");
        prop.put("c3p0.max_size", "50");
        prop.put("c3p0.timeout", "300");
        prop.put("c3p0.max_statements", "50");
        prop.put("c3p0.idle_test_period", "3000");
        return prop;
    }

    @Bean(name = "txManager")
    public HibernateTransactionManager getTransactionManager() {
        return new HibernateTransactionManager(this.getSessionFactory());
    }

}

这是安全配置

@Configuration
@EnableWebSecurity
@EnableAutoConfiguration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AccountService accountService;

    @Autowired
    private AuthenticationService authenticationService;

    public AccountService getAccountService() {
        return accountService;
    }

    public void setAccountService(AccountService accountService) {
        this.accountService = accountService;
    }

    public AuthenticationService getAuthenticationService() {
        return authenticationService;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    @Override
    public void setAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
        super.setAuthenticationConfiguration(authenticationConfiguration);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/**").permitAll().anyRequest().authenticated();
        http.formLogin().loginPage("/authentication/login").permitAll().and().logout().permitAll();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(this.getAuthenticationService()).passwordEncoder(this.getPasswordEncoder());
    }

    @Bean(name = "passwordEncoder")
    public PasswordEncoder getPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

}

你知道它从哪里来吗?


阅读 417

收藏
2020-05-30

共1个答案

小编典典

听起来好像您已经定义了一个名为属性security.bean,这会导致Spring
Boot的绑定错误org.springframework.boot.autoconfigure.security.SecurityProperties

发生这种情况是因为SecurityProperties带有注释,@ConfigurationProperties(name = "security", ignoreUnknownFields = false)并且不包含名为的属性bean

简而言之,您不应具有任何以引用开头security.未列出的属性。

2020-05-30