EnableWebSecurity 注释在 spring-security-oauth2 处给出错误
EnableWebSecurity annotation gives error at spring-security-oauth2
我正在使用 Spring Boot,包括 Spring 2.1.2 Release Security 并使用 KeyCloak Oauth2.0。但是当我重新启动应用程序时,出现以下错误。
org.springframework.cloud.security 中方法 tokenRelayGatewayFilterFactory 的参数 0 需要找不到类型 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' 的 bean。
The following candidates were found but could not be injected:
- Bean method 'authorizedClientRepository' in 'ReactiveOAuth2ClientAutoConfiguration' not loaded because NoneNestedConditions 1 matched 0 did not; NestedCondition on ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.ServletApplicationCondition found 'session' scope
Action:
Consider revisiting the entries above or defining a bean of type 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' in your configuration.
你可以找到pom.xml,application.yml和之前的SecurityConfig。当我扩展 WebSecurityConfigurerAdapter 时会出现问题。您认为我应该对 pom.xml 还是 class 本身进行一些更改?感谢您的帮助。
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-consul-discovery</artifactId>
</dependency>
<dependency>
<groupId>de.siegmar</groupId>
<artifactId>logback-gelf</artifactId>
<version>1.1.0</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zipkin</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>au.com.dius</groupId>
<artifactId>pact-jvm-consumer-junit_2.11</artifactId>
<version>3.5.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--START: OAUTH2 Client for Authorization Code-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<!--Auto Configure Oauth Spring Security Stuff-->
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
<!--END-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<!--START: Thymeleaf configs, no need to add those if you are not using thymeleaf-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<!--END-->
<!--START: Eureka Client Config-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<!--END-->
</dependencies>
application.yaml的一部分
routes:
- id:myApp
uri: http://localhost:5287
predicates:
- Path=/keycloak-oidc-code/**
filters:
- TokenRelay=
- RemoveRequestHeader=Cookie
SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig.java extends WebSecurityConfigurerAdapter {
@Override
public void configure( HttpSecurity http ) throws Exception
{ //TODO
http
.authorizeRequests( )
.anyRequest( ).authenticated( )
.antMatchers( "/login**", "/error**" ).permitAll( ).and( )
.oauth2Login( );
}
}
您正在使用 Reactive Spring 模块(WebFlux、Spring-Cloud-Gateway)。因此,安全配置不能采用传统方式。您需要像下面这样设置您的安全配置;
@EnableWebFluxSecurity
public class MySecurityConfiguration {
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().pathMatchers("/login**", "/error**").permitAll()
.anyExchange().authenticated().and().oauth2Login().and().build();;
}
}
我正在使用 Spring Boot,包括 Spring 2.1.2 Release Security 并使用 KeyCloak Oauth2.0。但是当我重新启动应用程序时,出现以下错误。
org.springframework.cloud.security 中方法 tokenRelayGatewayFilterFactory 的参数 0 需要找不到类型 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' 的 bean。
The following candidates were found but could not be injected:
- Bean method 'authorizedClientRepository' in 'ReactiveOAuth2ClientAutoConfiguration' not loaded because NoneNestedConditions 1 matched 0 did not; NestedCondition on ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.ServletApplicationCondition found 'session' scope
Action:
Consider revisiting the entries above or defining a bean of type 'org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository' in your configuration.
你可以找到pom.xml,application.yml和之前的SecurityConfig。当我扩展 WebSecurityConfigurerAdapter 时会出现问题。您认为我应该对 pom.xml 还是 class 本身进行一些更改?感谢您的帮助。
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-consul-discovery</artifactId>
</dependency>
<dependency>
<groupId>de.siegmar</groupId>
<artifactId>logback-gelf</artifactId>
<version>1.1.0</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zipkin</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>au.com.dius</groupId>
<artifactId>pact-jvm-consumer-junit_2.11</artifactId>
<version>3.5.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--START: OAUTH2 Client for Authorization Code-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<!--Auto Configure Oauth Spring Security Stuff-->
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
<!--END-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<!--START: Thymeleaf configs, no need to add those if you are not using thymeleaf-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<!--END-->
<!--START: Eureka Client Config-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<!--END-->
</dependencies>
application.yaml的一部分
routes:
- id:myApp
uri: http://localhost:5287
predicates:
- Path=/keycloak-oidc-code/**
filters:
- TokenRelay=
- RemoveRequestHeader=Cookie
SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig.java extends WebSecurityConfigurerAdapter {
@Override
public void configure( HttpSecurity http ) throws Exception
{ //TODO
http
.authorizeRequests( )
.anyRequest( ).authenticated( )
.antMatchers( "/login**", "/error**" ).permitAll( ).and( )
.oauth2Login( );
}
}
您正在使用 Reactive Spring 模块(WebFlux、Spring-Cloud-Gateway)。因此,安全配置不能采用传统方式。您需要像下面这样设置您的安全配置;
@EnableWebFluxSecurity
public class MySecurityConfiguration {
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().pathMatchers("/login**", "/error**").permitAll()
.anyExchange().authenticated().and().oauth2Login().and().build();;
}
}