找不到BearerTokenAccessDeniedHandler类定义

qlvxas9a 于 2022-10-23 发布在 Spring

关注(0)|答案(4)|浏览(176)

然而，当我尝试运行以下代码时，我正在尝试一个使用Spring Boot 2.1.1和SpringSec5作为OAuth2资源服务器的演示项目

ENV

Spring Boot 2.1.1版本
Spring安全核心5.1.2
Java 8
代码

@RestController
    @SpringBootApplication
   //  @EnableResourceServer
    public class MyApplication {

    public static void main(String[] args) {
        SpringApplication.run(MyApplication.class, args);
    }
    @GetMapping("/hello")
    public String sayHello() {
    return "Hello World";
    }

    @Configuration
    static class MyWebSecurityConfigurerAdapter extends 
    WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests().anyRequest().authenticated()
                .and()
                .oauth2ResourceServer().jwt(); // <--- throws error

        }
      }

    }

这会抛出错误
工厂方法“springSecurityFilterChain”引发异常；嵌套异常为java.lang.NoClassDefFoundError：org/springframework/security/oauth2/server/resource/web/access/BearerTokenAccessDeniedHandler

构建

我的依赖项如下所示

dependencies {

implementation('org.springframework.boot:spring-boot-starter-web')
implementation('org.springframework.boot:spring-boot-starter-security')
implementation(group: 'org.springframework.security.oauth.boot', name: 'spring-security-oauth2-autoconfigure', version: '2.1.1.RELEASE')

implementation(group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.3.4.RELEASE')
}

spring

来源：https://stackoverflow.com/questions/53919562/bearertokenaccessdeniedhandler-class-definition-not-found

4条答案

按热度按时间

nuypyhwy1#

添加spring-boot-starter-oauth2-resource-server依赖项时，异常消失

赞(0）回复(0）举报 2022-10-23

ycggw6v22#

我也是。
但我是在org.springframework.boot:spring-boot-starter-oauth2-resource-server里找到的
顺便说一下，我导入了org.springframework.boot:spring-boot-starter-oauth2-resource-server包并使用：

http
                .authorizeRequests()
                .antMatchers("/**").hasAnyRole("admin")
                .anyRequest().authenticated();
                //.and()
                //.oauth2ResourceServer() don't use it,
                //.jwt();
                // Do not use it, otherwise you must define 
                // jwtDecoderByIssuerUri or jwtDecoderByJwkKeySetUri

如果您想启用oauth2ResourceServer，可能需要等待Spring Security 5.3.x。
可能与next-generation-oauth-2-0-support-with-spring-security有关

赞(0）回复(0）举报 2022-10-23

bq9c1y663#

我把其他答案都改了，但在我的build.gradle文件中用的是“实施”

implementation 'org.springframework.security:spring-security-oauth2-resource-server'

为什么要用“实施”？

‘Compile’配置仍然存在，但不应使用，因为它不会提供‘API’和‘Implementation’配置所提供的保证。*

以上引述自：((https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_separation))

我的完整文件如下

plugins {
    id 'java'
}

group 'com.mycompany.mything'
version '1.0-SNAPSHOT'

sourceCompatibility = 1.8

repositories {
    mavenCentral()
}

apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management'

dependencies {

implementation 'org.springframework.boot:spring-boot-starter-data-rest'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'

implementation 'org.springframework.boot:spring-boot-starter-security'
//    implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.security:spring-security-oauth2-resource-server'
implementation 'org.springframework.security:spring-security-oauth2-jose'
//    implementation 'org.springframework.security:spring-security-config'

}

另请参阅
https://medium.com/mindorks/implementation-vs-api-in-gradle-3-0-494c817a6fa
用于实施与API的讨论

赞(0）回复(0）举报 2022-10-23

zazmityj4#

我面临着同样的问题，希望我找到的解决方案能帮助一些人。
当您使用Spring-Security-OAuth2并启用资源服务器时，请使用WebSecurityConfigurerAdapter进行端点安全配置并覆盖方法public void configure(HttpSecurity security) throws Exception{}

赞(0）回复(0）举报 2022-10-23

我来回答

找不到BearerTokenAccessDeniedHandler类定义

4条答案

以上引述自：((https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_separation))

相关问题

热门标签

最新问答