升级到 Spring Boot 2.6 时 Spring 安全和 org.springdoc.ui.SwaggerConfig 之间的循环引用
circular reference between Spring Security and org.springdoc.ui.SwaggerConfig when upgrading to Spring Boot 2.6
将我的应用程序从 Spring Boot 2.5 升级到 2.6 时,出现此错误:
Error creating bean with name 'securityConfig': Unsatisfied dependency
expressed through method 'setContentNegotationStrategy' parameter 0;
nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name
'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration':
Unsatisfied dependency expressed through method 'setConfigurers'
parameter 0;
nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'org.springdoc.ui.SwaggerConfig':
Unsatisfied dependency expressed through field
'swaggerIndexTransformer';
nested exception is
org.springframework.beans.factory.BeanCurrentlyInCreationException:
Error creating bean with name 'org.springdoc.ui.SwaggerConfig':
Requested bean is currently in creation: Is there an unresolvable
circular reference?
此错误记录在 https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.6-Release-Notes#circular-references-prohibited-by-default 上,我知道我可以通过设置 属性 并返回到 Spring Boot 2.5 行为来“修复”它。但是如果我可以的话趁机修复一个循环引用,我不妨为将来做。
我的 securityConfig 很简单,因为我的应用程序是一个 public 应用程序,向所有调用者返回一些 html 内容,无需身份验证。所以这是我的配置:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity security) throws Exception {
//application is open to everyone - no security
security.httpBasic().disable();
}
}
错误提到的 setContentNegotationStrategy 是 WebSecurityConfigurerAdapter 中的一个方法,我没有覆盖它,所以我无法理解我需要做什么。
如果我删除我的 SecurityConfig class,那么我仍然有一个错误,和以前一样,但没有提到我的 SecurityConfig class:
Error creating bean with name
'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration':
Unsatisfied dependency expressed through method 'setConfigurers'
parameter 0;
nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'org.springdoc.ui.SwaggerConfig':
Unsatisfied dependency expressed through field
'swaggerIndexTransformer';
nested exception is
org.springframework.beans.factory.BeanCurrentlyInCreationException:
Error creating bean with name 'org.springdoc.ui.SwaggerConfig':
Requested bean is currently in creation: Is there an unresolvable
circular reference?
处理 Spring 安全和 org.springdoc.ui.SwaggerConfig 之间看似循环引用的推荐方法是什么?
问题是由 org.springdoc.ui.SwaggerConfig 引起的。它已被 these changes which are available in springdocs-openapi 1.5.13.
修复
将我的应用程序从 Spring Boot 2.5 升级到 2.6 时,出现此错误:
Error creating bean with name 'securityConfig': Unsatisfied dependency expressed through method 'setContentNegotationStrategy' parameter 0;
nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration': Unsatisfied dependency expressed through method 'setConfigurers' parameter 0;
nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springdoc.ui.SwaggerConfig': Unsatisfied dependency expressed through field 'swaggerIndexTransformer';
nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'org.springdoc.ui.SwaggerConfig': Requested bean is currently in creation: Is there an unresolvable circular reference?
此错误记录在 https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.6-Release-Notes#circular-references-prohibited-by-default 上,我知道我可以通过设置 属性 并返回到 Spring Boot 2.5 行为来“修复”它。但是如果我可以的话趁机修复一个循环引用,我不妨为将来做。
我的 securityConfig 很简单,因为我的应用程序是一个 public 应用程序,向所有调用者返回一些 html 内容,无需身份验证。所以这是我的配置:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity security) throws Exception {
//application is open to everyone - no security
security.httpBasic().disable();
}
}
错误提到的 setContentNegotationStrategy 是 WebSecurityConfigurerAdapter 中的一个方法,我没有覆盖它,所以我无法理解我需要做什么。
如果我删除我的 SecurityConfig class,那么我仍然有一个错误,和以前一样,但没有提到我的 SecurityConfig class:
Error creating bean with name 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration': Unsatisfied dependency expressed through method 'setConfigurers' parameter 0;
nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springdoc.ui.SwaggerConfig': Unsatisfied dependency expressed through field 'swaggerIndexTransformer';
nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'org.springdoc.ui.SwaggerConfig': Requested bean is currently in creation: Is there an unresolvable circular reference?
处理 Spring 安全和 org.springdoc.ui.SwaggerConfig 之间看似循环引用的推荐方法是什么?
问题是由 org.springdoc.ui.SwaggerConfig 引起的。它已被 these changes which are available in springdocs-openapi 1.5.13.