在基于 spring java 的配置中没有定义名为 'springSecurityFilterChain' 的 bean 错误

No bean named 'springSecurityFilterChain' is defined error in spring java based config

这是错误日志。

org.apache.catalina.core.StandardContext filterStart
SEVERE: Exception starting filter springSecurityFilterChain
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:687)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1168)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:281)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
    at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:962)
    at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:324)
    at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:235)
    at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:199)
    at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:281)
    at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:111)
    at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4656)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5309)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559)
    at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

这是我的配置类。

Spring 版本= 4.1.6.RELEASE

Spring安全版本=4.1.0.RELEASE

1)WebInitializer 实现 WebMvcConfigurerAdapter

  public class WebInitializer implements WebApplicationInitializer
    {
        @Override
        public void onStartup( ServletContext container )
        {

            AnnotationConfigWebApplicationContext rootContext = new AnnotationConfigWebApplicationContext();
            rootContext.register( AppConfig.class );
            rootContext.setServletContext( container );


            container.addListener( new ContextLoaderListener( rootContext ) );
            container.addFilter("CORSFilter", it.codegen.tbx.central.service.config.SimpleCORSFilter.class)
                    .addMappingForUrlPatterns(null, false, "");
            ServletRegistration.Dynamic dispatcher = container.addServlet( "dispatcher",
                    new DispatcherServlet( rootContext ) );
            dispatcher.addMapping( "/" );
            dispatcher.setLoadOnStartup( 1 );
        }
}

2)AppConfig 扩展 WebMvcConfigurerAdapter

@Configuration
@EnableWebMvc
@ComponentScan({ "it.codegen.tbx.central.service.config","it.codegen.tbx.central.service.backend.cache", "it.codegen.tbx.central.admin.config", "it.codegen.tbx.central.admin.service.controller", "it.codegen.tbx.central.admin.service.backend.tbx"})
@Import({ SecurityConfig.class })
public class  AppConfig extends WebMvcConfigurerAdapter
{
    @Override
    public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
        configurer.enable();
    }
}

3)SecurityConfig 扩展 WebSecurityConfigurerAdapter

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        System.out.println("abc");
        auth.inMemoryAuthentication().withUser("chaya").password("chaya").roles("USER");
        auth.inMemoryAuthentication().withUser("admin").password("admin").roles("ADMIN");

    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/booking/search").access("hasAuthority('USER')")
                .antMatchers("/booking/delete").access("hasAuthority('ADMIN')")
                .and()
                .formLogin()
                .and()
                .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/login");

    }    
}

4)AbstractSecurityWebApplicationInitializer

public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
}

我在这里解决了类似的问题,none 的解决方案有效。

您必须使用 @EnableWebSecurity 注释您的 Java 配置 (SecurityConfig) 以将 springSecurityFilterChain 添加到您的应用程序上下文。

您修改后的代码:

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity 
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        System.out.println("abc");
        auth.inMemoryAuthentication().withUser("chaya").password("chaya").roles("USER");
        auth.inMemoryAuthentication().withUser("admin").password("admin").roles("ADMIN");

    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/booking/search").access("hasAuthority('USER')")
            .antMatchers("/booking/delete").access("hasAuthority('ADMIN')")
            .and()
            .formLogin()
            .and()
            .logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/login");
    }    
}