I am upgrading spring boot 2.5.12 to Spring boot 2.7.2 in gradle kotlin. As per the link given <https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter > . When I have removed deprecated websecurityconfigureradapter getting exception. Code snippet is given below
@Configuration
@EnableWebSecurity
@Order(1)
public class BasicAuthC {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.requestMatchers().antMatchers("/api/anything"")
.and()
.authorizeRequests(requests -> requests.anyRequest().fullyAuthenticated())
.httpBasic()
return http.build();
}
@Bean
public InMemoryUserDetailsManager memoryUserDetailsManager() {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
return new InMemoryUserDetailsManager (User.withUsername("testUserName").password(encoder.encode("****")).
authorities(new SimpleGrantedAuthority("SOME_ROLE")).build());
}
}
import com.azure.spring.aad.webapi.AADJwtBearerTokenAuthenticationConverter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.web.SecurityFilterChain;
@Order(2)
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class OAuthTwoConfiguration {
@Profile(value="OAUTHPROFILE")
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/api/test").permitAll()
.and().authorizeRequests((requests) -> requests.anyRequest().authenticated())
.oauth2ResourceServer()
.jwt()
.jwtAuthenticationConverter(new AADJwtBearerTokenAuthenticationConverter());
return http.build();
}
@Profile(value = "test")
@Bean
public WebSecurityCustomizer WebSecurityCustomizer () throws Exception {
return (web)->web.ignoring().antMatchers("/someAPI");
}
}
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one. at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.3.22.jar:5.3.22] at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653) ~[spring-beans-5.3.22.jar:5.3.22] ... 21 common frames omitted Caused by: java.lang.IllegalStateException: Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one. at org.springframework.util.Assert.state(Assert.java:76) ~[spring-core-5.3.22.jar:5.3.22] at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:106) ~[spring-security-config-5.7.2.jar:5.7.2] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:na] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na] at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na] at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.3.22.jar:5.3.22] ... 22 common frames omitted
1条答案
按热度按时间plicqrtu1#
您的代码或您使用的某些库仍然提供
WebSecurityConfigurerAdapter
。再次检查您的代码,可能您忘记了某些地方。
请尝试将您使用的资源库更新为最新版本。
如果它们还没有被迁移,那么在删除
WebSecurityConfigurerAdapter
之前,您可能必须等到它们被迁移。