1. 首頁
  2. 問答
  3. 沒有發現ResourceServerTokenServices的Bean - Spring-Security-Oauth2

沒有發現ResourceServerTokenServices的Bean - Spring-Security-Oauth2

2014-11-22 142 views
0

我正在用spring-boot建立一個示例項目來學習它。
具體來說,我試圖整合spring-security-oauth2模塊來保護我的休息服務。 我跟着這個示例項目,顯示了一個非常簡單的內存登錄系統:https://github.com/royclarkson/spring-rest-service-oauth
它的工作原理,這是很好的。
無論如何,當我試圖把它在我的應用程序集成,我得到以下異常:沒有發現ResourceServerTokenServices的Bean - Spring-Security-Oauth2

...  
Caused by: java.lang.IllegalStateException: Could not wire ResourceServerTokenServices: please create a bean definition and mark it as @Primary. 
     at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.resolveTokenServices(ResourceServerConfiguration.java:170) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na] 
     at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.configure(ResourceServerConfiguration.java:140) ~[spring-security-oauth2-2.0.4.RELEASE.jar:na] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:199) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:283) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:68) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration$$EnhancerByCGLIB$$71f30f65.init(<generated>) ~[spring-core-4.0.1.RELEASE.jar:na] 
     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:367) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:320) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:39) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:92) ~[spring-security-config-3.2.5.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.CGLIB$springSecurityFilterChain$3(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f$$FastClassByCGLIB$$ffddf00e.invoke(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE] 
     at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.0.1.RELEASE.jar:4.0.1.RELEASE] 
     at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:326) ~[spring-context-4.0.1.RELEASE.jar:4.0.1.RELEASE] 
     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerByCGLIB$$373175f.springSecurityFilterChain(<generated>) ~[spring-core-4.0.1.RELEASE.jar:3.2.5.RELEASE] 
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0] 
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0] 
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0] 
     at java.lang.reflect.Method.invoke(Method.java:483) ~[na:1.8.0] 
     at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:166) ~[spring-beans-4.0.1.RELEASE.jar:4.0.1.RELEASE] 
     ... 27 common frames omitted

據我所知,在DefaultTokenServices實施ResourceServerTokenServices應該是準備使用,而無需進一步實施(在執法機關對於本簡單的情況)。我錯了嗎?

下面的代碼片段是我的OAuth配置類:

AuthorizationServerConfiguration:

@Configuration @EnableAuthorizationServer 
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter { 

    private TokenStore tokenStore = new InMemoryTokenStore(); 

    @Inject 
    @Qualifier("authenticationManagerBean") 
    private AuthenticationManager authenticationManager; 

    @Inject 
    private ResourceIdProvider resourceIdProvider; 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { 
     endpoints 
      .tokenStore(tokenStore) 
      .authenticationManager(authenticationManager); 
    } 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 
     clients 
      .inMemory() 
      .withClient("clientapp") 
      .authorizedGrantTypes("password", "refresh_token") 
      .authorities("USER") 
      .scopes("read", "write") 
      .resourceIds(this.resourceIdProvider.getResourceId()) 
      .secret("123456"); 
    } 

    @Bean 
    public ResourceServerTokenServices tokenServices() { 
     DefaultTokenServices tokenServices = new DefaultTokenServices(); 
     tokenServices.setSupportRefreshToken(true); 
     tokenServices.setTokenStore(this.tokenStore); 
     return tokenServices; 
    } }

ResourceServerConfigurationImpl:

@Configuration @EnableResourceServer 
public class ResourceServerConfigurationImpl extends ResourceServerConfigurerAdapter { 

    @Inject 
    private ResourceIdProvider resourceIdProvider; 

    @Override 
    public void configure(ResourceServerSecurityConfigurer resources) { 
     resources.resourceId(this.resourceIdProvider.getResourceId()); 
    } 

    @Override 
    public void configure(HttpSecurity http) throws Exception { 
     http 
      .authorizeRequests() 
      .antMatchers("/rest/user") 
      .authenticated(); 
    } }

InMemoryWebSecurityConfiguration:

@Configuration @EnableWebSecurity 
public class InMemoryWebSecurityConfiguration extends WebSecurityConfigurerAdapter { 

    @Override 
    protected void configure(AuthenticationManagerBuilder auth) throws Exception { 
     auth 
      .inMemoryAuthentication() 
      .withUser("roy") 
      .password("spring") 
      .roles("USER"); 
    } 

    @Override 
    @Bean 
    public AuthenticationManager authenticationManagerBean() throws Exception { 
     return super.authenticationManagerBean(); 
    } 

}

有人能幫我搞定這個嗎?
如果你需要更多的代碼讓我知道。
在此先感謝!

來源

2014-11-22 andreapier

+1

錯誤消息中有一個提示(將標記服務標記爲'@ Primary')。你嘗試過嗎? – 2014-11-22 15:46:30

+0

我沒有...'@小學'做了詭計,謝謝。我不敢相信我只是需要這個。如果您將此評論複製爲答案,我會很樂意將其標記爲正確的答案。 – andreapier 2014-11-22 15:51:13

回答

2

錯誤消息中有提示(將您的令牌服務標記爲@Primary)。這應該工作。另外(我認爲)你可以在ResourceServerConfigurer中注入TokenStore,並與其他環境共享。

來源

2014-11-22 18:31:07

相關問題

 相關問題