spring-security 考虑在配置中定义一个类型为“org.springframework.security.authentication.AuthenticationManager”的Bean

t9eec4r0  于 2022-11-11  发布在  Spring
关注(0)|答案(5)|浏览(318)

我遵循了这里提到的一些建议,但这些建议对我不起作用。因此,把问题放在这里
1.如何在自定义过滤器中使用Java配置插入AuthenticationManager

  1. Spring required a bean of type 'AuthenticationManager'
    有人能告诉我问题是什么以及如何解决吗?

错误:


***************************

APPLICATION FAILED TO START

***************************

Description:

Field authenticationManager in com.techprimers.security.springsecurityauthserver.config.AuthorizationServerConfig required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found.

Action:

Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration.

授权服务器配置.java

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {

        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient("ClientId")
                .secret("secret")
                .authorizedGrantTypes("authorization_code")
                .scopes("user_info")
                .autoApprove(true);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        endpoints.authenticationManager(authenticationManager);
    }
}

资源服务器配置.java

@EnableResourceServer
@Configuration
public class ResourceServerConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;
    @Autowired
    private UserDetailsService customUserDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .permitAll();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.parentAuthenticationManager(authenticationManager)
                .userDetailsService(customUserDetailsService);
    }
}

代码参考取自https://github.com/TechPrimers/spring-security-oauth-mysql-example,仅将Sping Boot 父版本更新为2.0.4.RELEASE,事情开始中断。

yvfmudvl

yvfmudvl1#

这似乎是Sping Boot 2.0引入的“突破性变化”之一。我相信您的案例在Spring Boot 2.0迁移指南中有所描述。
在您的WebSecurityConfigurerAdapter类中,您需要覆盖authenticationManagerBean方法并使用@Bean对其进行注解,即:

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}
2q5ifsrm

2q5ifsrm2#

just add this to the AuthenticationManagerBuilder

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

and in your controller where you need to use it add this :

 @Autowired
    private AuthenticationManager authenticationManager;
oyt4ldly

oyt4ldly3#

您可能需要考虑注册GlobalAuthenticationConfigurerAdapter来配置AuthenticationManager

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration {

    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
        final List<GlobalAuthenticationConfigurerAdapter> configurers = new ArrayList<>();
        configurers.add(new GlobalAuthenticationConfigurerAdapter() {
                    @Override
                    public void configure(AuthenticationManagerBuilder auth) throws Exception {
                        // auth.doSomething()
                    }
                }
        );
        return authConfig.getAuthenticationManager();
    }

}

例如,我假设您要注册一个自定义的UserDetailsService(即MyUserDetailsService)和一个自定义的密码编码器(MyPasswordEncoder)。

lxkprmvk

lxkprmvk4#

您可以执行以下命令:“mvn clean package”,然后重新启动应用程序

laximzn5

laximzn55#

请考虑在配置中定义一个类型为“org.springframework.security.core.userdetails.UserDetails”的Bean。

相关问题