spring 导致错误的原因:java.lang.找到了WebSecurityConfigurerAdapter和SecurityFilterChain,请只选择一个

b09cbbtk  于 2022-11-21  发布在  Spring
关注(0)|答案(1)|浏览(426)

I am upgrading spring boot 2.5.12 to Spring boot 2.7.2 in gradle kotlin. As per the link given <https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter > . When I have removed deprecated websecurityconfigureradapter getting exception. Code snippet is given below

@Configuration
@EnableWebSecurity
@Order(1)
public class BasicAuthC {
@Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
                .requestMatchers().antMatchers("/api/anything"")
                .and()
                .authorizeRequests(requests -> requests.anyRequest().fullyAuthenticated())
                .httpBasic()
         return http.build();
    }

    @Bean
    public InMemoryUserDetailsManager memoryUserDetailsManager() {
        PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();

        return  new InMemoryUserDetailsManager (User.withUsername("testUserName").password(encoder.encode("****")).
                authorities(new SimpleGrantedAuthority("SOME_ROLE")).build());

    }
}   

import com.azure.spring.aad.webapi.AADJwtBearerTokenAuthenticationConverter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.web.SecurityFilterChain;

@Order(2)
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class OAuthTwoConfiguration  {

    @Profile(value="OAUTHPROFILE")
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/api/test").permitAll()
                .and().authorizeRequests((requests) -> requests.anyRequest().authenticated())
                .oauth2ResourceServer()
                .jwt()
                .jwtAuthenticationConverter(new AADJwtBearerTokenAuthenticationConverter());
        return http.build();
    }

    @Profile(value = "test")
    @Bean
    public WebSecurityCustomizer WebSecurityCustomizer () throws Exception {

        return (web)->web.ignoring().antMatchers("/someAPI");
    }
}

Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one. at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.3.22.jar:5.3.22] at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653) ~[spring-beans-5.3.22.jar:5.3.22] ... 21 common frames omitted Caused by: java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one. at org.springframework.util.Assert.state(Assert.java:76) ~[spring-core-5.3.22.jar:5.3.22] at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:106) ~[spring-security-config-5.7.2.jar:5.7.2] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:na] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na] at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na] at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.3.22.jar:5.3.22] ... 22 common frames omitted

plicqrtu

plicqrtu1#

您的代码或您使用的某些库仍然提供WebSecurityConfigurerAdapter
再次检查您的代码,可能您忘记了某些地方。
请尝试将您使用的资源库更新为最新版本。
如果它们还没有被迁移,那么在删除WebSecurityConfigurerAdapter之前,您可能必须等到它们被迁移。

相关问题