错误:找到WebSecurityConfigureAdapter以及securityfilterchain请只选择一个

esbemjvw  于 2021-10-10  发布在  Java
关注(0)|答案(1)|浏览(1726)

我使用JavaSpringBoot,使用vaadin框架在tomcat上部署webapp。我正在使用spring security与okta通信,在部署我的war时遇到了一个问题。
以下是我的pom.xml:

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3. xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  4. <modelVersion>4.0.0</modelVersion>
  5. <groupId>com.test.dashboard</groupId>
  6. <artifactId>test-custom-dashboard</artifactId>
  7. <name>Custom dashboard</name>
  8. <version>1.0.0-SNAPSHOT</version>
  9. <packaging>war</packaging>
  10. <properties>
  11. <java.version>8</java.version>
  12. <vaadin.version>14.5.3</vaadin.version>
  13. </properties>
  14. <parent>
  15. <groupId>org.springframework.boot</groupId>
  16. <artifactId>spring-boot-starter-parent</artifactId>
  17. <version>2.4.5</version>
  18. </parent>
  19. <repositories>
  20. <!-- The order of definitions matters. Explicitly defining central here to make sure it has the highest priority. -->
  21. <!-- Main Maven repository -->
  22. <repository>
  23. <id>central</id>
  24. <url>https://repo.maven.apache.org/maven2</url>
  25. <snapshots>
  26. <enabled>false</enabled>
  27. </snapshots>
  28. </repository>
  29. <!-- Repository used by many Vaadin add-ons -->
  30. <repository>
  31. <id>Vaadin Directory</id>
  32. <url>https://maven.vaadin.com/vaadin-addons</url>
  33. <snapshots>
  34. <enabled>false</enabled>
  35. </snapshots>
  36. </repository>
  37. </repositories>
  38. <pluginRepositories>
  39. <!-- Main Maven repository -->
  40. <pluginRepository>
  41. <id>central</id>
  42. <url>https://repo.maven.apache.org/maven2</url>
  43. <snapshots>
  44. <enabled>false</enabled>
  45. </snapshots>
  46. </pluginRepository>
  47. </pluginRepositories>
  48. <dependencyManagement>
  49. <dependencies>
  50. <dependency>
  51. <groupId>com.vaadin</groupId>
  52. <artifactId>vaadin-bom</artifactId>
  53. <version>${vaadin.version}</version>
  54. <type>pom</type>
  55. <scope>import</scope>
  56. </dependency>
  57. </dependencies>
  58. </dependencyManagement>
  59. <dependencies>
  60. <dependency>
  61. <groupId>com.vaadin</groupId>
  62. <!-- Replace artifactId with vaadin-core to use only free components -->
  63. <artifactId>vaadin</artifactId>
  64. <exclusions>
  65. <!-- Webjars are only needed when running in Vaadin 13 compatibility mode -->
  66. <exclusion>
  67. <groupId>com.vaadin.webjar</groupId>
  68. <artifactId>*</artifactId>
  69. </exclusion>
  70. <exclusion>
  71. <groupId>org.webjars.bowergithub.insites</groupId>
  72. <artifactId>*</artifactId>
  73. </exclusion>
  74. <exclusion>
  75. <groupId>org.webjars.bowergithub.polymer</groupId>
  76. <artifactId>*</artifactId>
  77. </exclusion>
  78. <exclusion>
  79. <groupId>org.webjars.bowergithub.polymerelements</groupId>
  80. <artifactId>*</artifactId>
  81. </exclusion>
  82. <exclusion>
  83. <groupId>org.webjars.bowergithub.vaadin</groupId>
  84. <artifactId>*</artifactId>
  85. </exclusion>
  86. <exclusion>
  87. <groupId>org.webjars.bowergithub.webcomponents</groupId>
  88. <artifactId>*</artifactId>
  89. </exclusion>
  90. </exclusions>
  91. </dependency>
  92. <dependency>
  93. <groupId>com.vaadin</groupId>
  94. <artifactId>vaadin-spring-boot-starter</artifactId>
  95. <exclusions>
  96. <!-- Excluding so that webjars are not included. -->
  97. <exclusion>
  98. <groupId>com.vaadin</groupId>
  99. <artifactId>vaadin-core</artifactId>
  100. </exclusion>
  101. </exclusions>
  102. </dependency>
  103. <dependency>
  104. <groupId>org.vaadin.artur</groupId>
  105. <artifactId>a-vaadin-helper</artifactId>
  106. <version>1.6.0</version>
  107. </dependency>
  108. <dependency>
  109. <groupId>org.springframework.boot</groupId>
  110. <artifactId>spring-boot-starter-validation</artifactId>
  111. <exclusions>
  112. <exclusion>
  113. <groupId>org.springframework.boot</groupId>
  114. <artifactId>spring-boot-starter-logging</artifactId>
  115. </exclusion>
  116. </exclusions>
  117. </dependency>
  118. <dependency>
  119. <groupId>org.springframework.boot</groupId>
  120. <artifactId>spring-boot-starter-log4j2</artifactId>
  121. </dependency>
  122. <dependency>
  123. <groupId>org.springframework.boot</groupId>
  124. <artifactId>spring-boot-devtools</artifactId>
  125. <optional>true</optional>
  126. </dependency>
  127. <dependency>
  128. <groupId>io.github.bonigarcia</groupId>
  129. <artifactId>webdrivermanager</artifactId>
  130. <version>3.8.1</version>
  131. <scope>test</scope>
  132. </dependency>
  133. <dependency>
  134. <groupId>org.springframework.boot</groupId>
  135. <artifactId>spring-boot-starter-test</artifactId>
  136. <scope>test</scope>
  137. </dependency>
  138. <dependency>
  139. <groupId>com.vaadin</groupId>
  140. <artifactId>vaadin-testbench</artifactId>
  141. <scope>test</scope>
  142. </dependency>
  143. <!-- Include JUnit 4 support for TestBench and others -->
  144. <dependency>
  145. <groupId>org.junit.vintage</groupId>
  146. <artifactId>junit-vintage-engine</artifactId>
  147. <scope>test</scope>
  148. <exclusions>
  149. <exclusion>
  150. <groupId>org.hamcrest</groupId>
  151. <artifactId>hamcrest-core</artifactId>
  152. </exclusion>
  153. </exclusions>
  154. </dependency>
  155. <dependency>
  156. <groupId>io.github.bonigarcia</groupId>
  157. <artifactId>webdrivermanager</artifactId>
  158. <version>3.8.1</version>
  159. <scope>test</scope>
  160. </dependency>
  161. <dependency>
  162. <groupId>com.microsoft.azure</groupId>
  163. <artifactId>applicationinsights-logging-log4j2</artifactId>
  164. <version>[2.1,)</version>
  165. </dependency>
  166. <!-- Security -->
  167. <dependency>
  168. <groupId>com.okta.spring</groupId>
  169. <artifactId>okta-spring-boot-starter</artifactId>
  170. <version>1.4.0</version>
  171. </dependency>
  172. <dependency>
  173. <groupId>org.springframework.boot</groupId>
  174. <artifactId>spring-boot-starter-web</artifactId>
  175. </dependency>
  176. <!--database dependencies -->
  177. <dependency>
  178. <groupId>org.springframework.boot</groupId>
  179. <artifactId>spring-boot-starter-jdbc</artifactId>
  180. </dependency>
  181. <dependency>
  182. <groupId>com.microsoft.sqlserver</groupId>
  183. <artifactId>mssql-jdbc</artifactId>
  184. <scope>runtime</scope>
  185. </dependency>
  186. <dependency>
  187. <groupId>io.github.lyvoc</groupId>
  188. <artifactId>okta-connector</artifactId>
  189. <version>[1.0.4,)</version>
  190. </dependency>
  191. </dependencies>
  192. <build>
  193. <defaultGoal>spring-boot:run</defaultGoal>
  194. <finalName>portal01apps</finalName>
  195. <plugins>
  196. <plugin>
  197. <groupId>org.springframework.boot</groupId>
  198. <artifactId>spring-boot-maven-plugin</artifactId>
  199. <version>2.4.4</version>
  200. <!-- Clean build and startup time for Vaadin apps sometimes may exceed
  201. the default Spring Boot's 30sec timeout. -->
  202. <configuration>
  203. <wait>500</wait>
  204. <maxAttempts>240</maxAttempts>
  205. </configuration>
  206. </plugin>
  207. <plugin>
  208. <groupId>com.vaadin</groupId>
  209. <artifactId>vaadin-maven-plugin</artifactId>
  210. <version>${vaadin.version}</version>
  211. <executions>
  212. <execution>
  213. <goals>
  214. <goal>prepare-frontend</goal>
  215. </goals>
  216. </execution>
  217. </executions>
  218. </plugin>
  219. </plugins>
  220. </build>
  221. <profiles>
  222. <profile>
  223. <id>dev</id>
  224. <activation>
  225. <activeByDefault>true</activeByDefault>
  226. </activation>
  227. <properties>
  228. <activatedProperties>dev</activatedProperties>
  229. </properties>
  230. </profile>
  231. <profile>
  232. <id>lyvoc</id>
  233. <properties>
  234. <activatedProperties>lyvoc</activatedProperties>
  235. </properties>
  236. <build>
  237. <plugins>
  238. <plugin>
  239. <groupId>com.vaadin</groupId>
  240. <artifactId>vaadin-maven-plugin</artifactId>
  241. <version>${vaadin.version}</version>
  242. <executions>
  243. <execution>
  244. <goals>
  245. <goal>build-frontend</goal>
  246. </goals>
  247. <phase>compile</phase>
  248. </execution>
  249. </executions>
  250. <configuration>
  251. <productionMode>true</productionMode>
  252. </configuration>
  253. </plugin>
  254. </plugins>
  255. </build>
  256. </profile>
  257. <profile>
  258. <id>uat</id>
  259. <properties>
  260. <activatedProperties>uat</activatedProperties>
  261. <vaadin.productionMode>true</vaadin.productionMode>
  262. </properties>
  263. <build>
  264. <plugins>
  265. <plugin>
  266. <groupId>com.vaadin</groupId>
  267. <artifactId>vaadin-maven-plugin</artifactId>
  268. <version>${vaadin.version}</version>
  269. <executions>
  270. <execution>
  271. <goals>
  272. <goal>build-frontend</goal>
  273. </goals>
  274. <phase>compile</phase>
  275. </execution>
  276. </executions>
  277. <configuration>
  278. <productionMode>true</productionMode>
  279. </configuration>
  280. </plugin>
  281. </plugins>
  282. </build>
  283. </profile>
  284. <profile>
  285. <id>prod</id>
  286. <properties>
  287. <activatedProperties>prod</activatedProperties>
  288. <vaadin.productionMode>true</vaadin.productionMode>
  289. </properties>
  290. <build>
  291. <plugins>
  292. <plugin>
  293. <groupId>com.vaadin</groupId>
  294. <artifactId>vaadin-maven-plugin</artifactId>
  295. <version>${vaadin.version}</version>
  296. <executions>
  297. <execution>
  298. <goals>
  299. <goal>build-frontend</goal>
  300. </goals>
  301. <phase>compile</phase>
  302. </execution>
  303. </executions>
  304. <configuration>
  305. <productionMode>true</productionMode>
  306. </configuration>
  307. </plugin>
  308. </plugins>
  309. </build>
  310. </profile>
  311. </profiles>
  312. </project>

这是我的WebSecurity配置适配器类:

  1. import org.springframework.context.annotation.Configuration;
  2. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  3. import org.springframework.security.config.annotation.web.builders.WebSecurity;
  4. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  5. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  6. @Configuration
  7. @EnableWebSecurity
  8. public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  9. @Override
  10. protected void configure(final HttpSecurity http) throws Exception {
  11. http.headers().disable();
  12. http.csrf().disable();
  13. http
  14. .authorizeRequests()
  15. .anyRequest().authenticated()
  16. .and().logout();
  17. }
  18. @Override
  19. public void configure(WebSecurity web) {
  20. web.ignoring().antMatchers(
  21. "/VAADIN/**",
  22. "/favicon.ico",
  23. "/robots.txt",
  24. "/manifest.webmanifest",
  25. "/sw.js",
  26. "/offline.html",
  27. "/icons/**",
  28. "/images/**",
  29. "/styles/**",
  30. "/h2-console/**");
  31. }
  32. }

以下是完整的堆栈跟踪:

  1. 20-May-2021 14:47:21.612 SEVERE [localhost-startStop-10] org.apache.catalina.core.ContainerBase.addChildInternal ContainerBase.addChild: start:
  2. org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/portal01apps]]
  3. at org.apache.catalina.util.LifecycleBase.handleSubClassException(LifecycleBase.java:440)
  4. at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:198)
  5. at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:743)
  6. at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:719)
  7. at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:705)
  8. at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:938)
  9. at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1784)
  10. at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
  11. at java.util.concurrent.FutureTask.run(Unknown Source)
  12. at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
  13. at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
  14. at java.lang.Thread.run(Unknown Source)
  15. Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one.
  16. at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658)
  17. at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:486)
  18. at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1334)
  19. at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1177)
  20. at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:564)
  21. at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:524)
  22. at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
  23. at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
  24. at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
  25. at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
  26. at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:322)
  27. at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
  28. at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:944)
  29. at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:918)
  30. at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
  31. at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:144)
  32. at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:782)
  33. at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:774)
  34. at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:439)
  35. at org.springframework.boot.SpringApplication.run(SpringApplication.java:339)
  36. at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:173)
  37. at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:153)
  38. at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:95)
  39. at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:174)
  40. at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5160)
  41. at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
  42. ... 10 more
  43. Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one.
  44. at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
  45. at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
  46. ... 35 more
  47. Caused by: java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one.
  48. at org.springframework.util.Assert.state(Assert.java:76)
  49. at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:107)
  50. at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  51. at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
  52. at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  53. at java.lang.reflect.Method.invoke(Unknown Source)
  54. at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
  55. ... 36 more
  56. 20-May-2021 14:47:21.612 SEVERE [localhost-startStop-10] org.apache.catalina.startup.HostConfig.deployWAR Error deploying web application archive [C:\Program Files\Apache Software Foundation\Tomcat 8.5\webapps\portal01apps.war]
  57. java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/portal01apps]]
  58. at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:747)
  59. at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:719)
  60. at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:705)
  61. at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:938)
  62. at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1784)
  63. at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
  64. at java.util.concurrent.FutureTask.run(Unknown Source)
  65. at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
  66. at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
  67. at java.lang.Thread.run(Unknown Source)

我猜主要的问题是 Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one ,可能是因为依赖冲突,但我没有找到如何纠正它。
谢谢你的帮助!

yduiuuwa

yduiuuwa1#

其中一个依赖项似乎是通过公开 SecurityFilterChain ,而在代码中,您通过扩展 WebSecurityConfigurerAdapter .
spring security不允许您同时使用这两种配置样式,因为这样它就无法确定检查它们的顺序。
尝试将安全配置更改为不扩展 WebSecurityConfigurerAdapter . 您需要更改配置方式 HttpSecurity 以及如何配置 WebSecurity .

  1. @Configuration
  2. @EnableWebSecurity
  3. public class WebSecurityConfig {
  4. @Bean
  5. public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
  6. http.headers().disable();
  7. http.csrf().disable();
  8. http
  9. .authorizeRequests()
  10. .anyRequest().authenticated()
  11. .and().logout();
  12. return http.build();
  13. }
  14. @Bean
  15. public WebSecurityCustomizer webSecurityCustomizer() {
  16. return (web) -> web.ignoring().antMatchers(
  17. "/VAADIN/**",
  18. "/favicon.ico",
  19. "/robots.txt",
  20. "/manifest.webmanifest",
  21. "/sw.js",
  22. "/offline.html",
  23. "/icons/**",
  24. "/images/**",
  25. "/styles/**",
  26. "/h2-console/**");
  27. }
  28. }
展开查看全部

相关问题