【发布时间】:2021-10-13 04:58:36
【问题描述】:
我有一个 SpringBoot 应用程序,我正在尝试将其从较旧的 Spring Security OAuth 2.x 库更新到较新的 Spring Security 5.5.x。最初我的配置类使用 @EnableResourceServer 注释,但根据迁移指南,它被 Spring Security oauth2ResourceServer DSL 方法替换。
我已添加自定义 JWT 身份验证转换器,但现在在启动时收到以下警告:
09:30:51.591 [, , ] [main] WARN %->5level org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.oauth2.jwt.JwtDecoder' available
我还看不到这个JwtDecoder 在过滤器链中的使用位置,但它正在阻止我的应用程序启动。
@Configuration
@Order(OAuthTokenApiSecurityConfig.ORDER)
public class OAuthTokenApiSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(final HttpSecurity http) throws Exception { // NOPMD
// @formatter:off
http
.requestMatcher(new OAuth2RequestMatcher())
...
...
.oauth2ResourceServer()
.jwt()
.jwtAuthenticationConverter(customTokenAuthenticationConverter());
// @formatter:on
}
@Bean
public CustomTokenAuthenticationConverter customTokenAuthenticationConverter() {
return new CustomTokenAuthenticationConverter();
}
@Bean
public JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter() {
return new JwtGrantedAuthoritiesConverter();
}
}
dependecies {
api("org.springframework.security:spring-security-oauth2-resource-server")
api("org.springframework.security:spring-security-oauth2-core")
api("org.springframework.security:spring-security-oauth2-jose")
api("com.nimbusds:nimbus-jose-jwt")
}
springBootVersion=2.5.3
springSecurity=5.5.1
我是否缺少一些依赖项,或者是否有一些配置或其他东西?
【问题讨论】:
标签: spring spring-boot spring-security spring-security-oauth2