找不到用于ResourceServerTokenServices的java Bean SpringSecurityOauth2
我正在用spring boot构建一个示例项目,只是为了了解一些有关它的信息
具体来说,我正在尝试集成spring-security-oauth2模块来保护我的rest服务。
我遵循了这个示例项目,它展示了一个非常简单的内存登录系统:https://github.com/royclarkson/spring-rest-service-oauth
这很有效,这很好
无论如何,当我试图将其集成到我的应用程序中时,我得到了以下例外:
...
Caused by: java.lang.IllegalStateException: Could not wire ResourceServerTokenServices: please create a bean definition and mark it as @Primary.
at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.resolveTokenServices(ResourceServerConfiguration.java:170) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na]
at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.configure(ResourceServerConfiguration.java:140) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:199) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:283) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:68) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration$$EnhancerByCGLIB$$71f30f65.init(<generated>) ~[spring-core-4.0.1.RELEASE.jar:na]
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:367) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:320) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:39) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:92) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.CGLIB$springSecurityFilterChain$3(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f$$FastClassByCGLIB$$ffddf00e.invoke(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.0.1.RELEASE.jar:4.0.1.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:326) ~[spring-context-4.0.1.RELEASE.jar:4.0.1.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.springSecurityFilterChain(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0]
at java.lang.reflect.Method.invoke(Method.java:483) ~[na:1.8.0]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:166) ~[spring-beans-4.0.1.RELEASE.jar:4.0.1.RELEASE]
... 27 common frames omitted
据我所知,ResourceServerTokenServices的DefaultTokenServices实现应该可以随时使用,而无需进一步实现(至少对于这个简单的场景)。我错了吗
以下代码片段是我的oauth配置类:
授权服务器配置:
@Configuration @EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
private TokenStore tokenStore = new InMemoryTokenStore();
@Inject
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Inject
private ResourceIdProvider resourceIdProvider;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.tokenStore(tokenStore)
.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("clientapp")
.authorizedGrantTypes("password", "refresh_token")
.authorities("USER")
.scopes("read", "write")
.resourceIds(this.resourceIdProvider.getResourceId())
.secret("123456");
}
@Bean
public ResourceServerTokenServices tokenServices() {
DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setSupportRefreshToken(true);
tokenServices.setTokenStore(this.tokenStore);
return tokenServices;
} }
资源服务器配置mpl:
@Configuration @EnableResourceServer
public class ResourceServerConfigurationImpl extends ResourceServerConfigurerAdapter {
@Inject
private ResourceIdProvider resourceIdProvider;
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.resourceId(this.resourceIdProvider.getResourceId());
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/rest/user")
.authenticated();
} }
InMemoryWebSecurityConfiguration:
@Configuration @EnableWebSecurity
public class InMemoryWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("roy")
.password("spring")
.roles("USER");
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
谁能帮我把这个弄起来吗
如果你需要更多的代码,请告诉我
提前谢谢
# 1 楼答案
自从2.0.5版本发布以来,我就遇到了同样的问题,但在2.0.4-BUILD-SNAPSHOT上没有出现。我在这里提出了一个问题: https://github.com/spring-projects/spring-security-oauth/issues/342