0
這可能與某些加載順序問題有關,但我不確定/正在尋找確認。我正在開發一個遺留項目,我們無法切換到SpringBoot配置,但我們已將所有核心彈簧罐更新爲4.2.x.Spring'AuthenticationManager'是必需的'帶xml配置的Java註釋配置
每當我啓動啓用安全配置的服務器(運行在Jetty容器中)時,我會在[1]下面收到以下錯誤。
我的XML配置看起來像這樣:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:task="http://www.springframework.org/schema/task"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-4.2.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.2.xsd
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task-4.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<context:annotation-config />
<bean class="com.company.project.config.SecurityConfiguration"/>
我有我第一次寫的SecurityConfiguration樣本春天啓動的項目,我沒有收到異常出現。
我的安全配置是這樣的:
@Configuration
@EnableWebSecurity
@EnableCustomSSOSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Value("${sso.host}")
private String host;
@Value("${sso.appId}")
private String appId;
@Value("${sso.targetService}")
private String target;
@Autowired
private CustomUserDetailsService userDetailsService;
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/scripts/**/*.{js,html}")
.antMatchers("/bower_components/**")
.antMatchers("/i18n/**")
.antMatchers("/assets/**")
.antMatchers("/swagger-ui/index.html")
.antMatchers("/test/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.apply(CustomSSOConfigurer.configure(host))
.appId(appId)
.targetService(target)
.authenticatedUserDetailsService(customUserDetailsService)
.and()
.logout()
.deleteCookies("JSESSIONID")
.logoutSuccessUrl("/logout")
.invalidateHttpSession(true)
.and()
.authorizeRequests()
.antMatchers("/*").permitAll();
}
}
產生的問題是,因爲沒有配置authenticationProviders。所以在AuthenticationManagerBuilder此代碼返回null:
@Override
protected ProviderManager performBuild() throws Exception {
if (!isConfigured()) {
logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null.");
return null;
}
當我從春天開機啓動,我看到下面的AuthenticationProvider:
org.spring[email protected]4fcf4925
這導致ProviderManager的創建,並最終認證經理。
這個DaoAuthenticationProvider來自哪裏?我應該如何配置它或缺少什麼xml配置?這與加載順序有關嗎?
任何幫助,非常感謝。
[1]從服務器錯誤
2015-12-02 09:58:05,230 [WARN ] org.springframework.context.support.ClassPathXmlApplicationContext [main] - Exception encountered during context initialization - cancelling refresh attempt
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'methodSecurityInterceptor' defined in class path resource [org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.class]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: An AuthenticationManager is required
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1578)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:545)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:305)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:301)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:196)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:772)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:835)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:537)
at com.company.core.common.configuration.Config.initContext(Config.java:753)
at com.company.core.common.configuration.Config.initContext(Config.java:893)
at com.company.core.common.configuration.Config.getApplicationContext(Config.java:1188)
at com.company.core.common.ApplicationBase.initContext(ApplicationBase.java:59)
at com.company.core.common.ApplicationBase.run(ApplicationBase.java:157)
at com.company.core.web.ApplicationBaseInitListener.contextInitialized(ApplicationBaseInitListener.java:58)
at com.company.project.core.web.ICFAplicationBaseListener.contextInitialized(ICFAplicationBaseListener.java:50)
at org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:778)
at org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:425)
at org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:770)
at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:275)
at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1312)
at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:722)
at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:490)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:69)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:108)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:90)
at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:58)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:69)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:108)
at org.eclipse.jetty.server.Server.start(Server.java:346)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:90)
at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:58)
at org.eclipse.jetty.server.Server.doStart(Server.java:294)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:69)
at com.company.project.jetty.StartICFServer.startServer(StartICFServer.java:93)
at com.company.project.jetty.StartICFServer.main(StartICFServer.java:37)
Caused by: java.lang.IllegalArgumentException: An AuthenticationManager is required
at org.springframework.util.Assert.notNull(Assert.java:115)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:131)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1637)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1574)
... 36 more