Spring Security Spring看不到Web安全配置器适配器

q9rjltbz  于 2022-12-13  发布在  Spring
关注(0)|答案(2)|浏览(387)

我想创建扩展WebSecurityConfigurerAdapter的WebSecurityConfig类,但总是收到错误“无法解析符号'WebSecurityConfigurerAdapter'"。我已经尝试添加不同的依赖项。这是我的gradle文件

dependencies {
    runtimeOnly 'org.postgresql:postgresql'
    implementation group: 'org.postgresql', name: 'postgresql', version: '42.5.1'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-data-jpa', version: '3.0.0'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-data-rest', version: '3.0.0'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-tomcat', version: '3.0.0'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-web', version: '3.0.0'
    implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.11.5'
    implementation group: 'org.postgresql', name: 'postgresql', version: '42.5.1'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-validation', version: '3.0.0'
    implementation group: 'org.springframework.security', name: 'spring-security-core', version: '6.0.0'
    implementation group: 'org.springframework.security', name: 'spring-security-config', version: '6.0.0'
    implementation group: 'org.springframework.security', name: 'spring-security-web', version: '6.0.0'
    implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose', version: '6.0.0'
    implementation group: 'org.springframework.security', name: 'spring-security-oauth2-resource-server', version: '6.0.0'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '3.0.0'
    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-thymeleaf', version: '3.0.0'
    implementation group: 'org.thymeleaf.extras', name: 'thymeleaf-extras-springsecurity5', version: '3.1.0.RELEASE'
}

可能有些简单的东西我不懂。你能帮我一下吗?我已经花了两天的时间了
堆栈溢出(Cannot resolve symbol WebSecurityConfigurerAdapter)也有同样的问题,但它对我没有帮助。

import nsu.project.springserver.security.jwt.AuthEntryPointJwt;
import nsu.project.springserver.security.jwt.AuthTokenFilter;
import nsu.project.springserver.security.services.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
....
}
ruarlubt

ruarlubt1#

已在Spring-boot 3中删除WebsecurityConfigurerAdapter。
请改为公开SecurityFilterChain bean。打开手册或查看those tutorials

ldxq2e6h

ldxq2e6h2#

视频来自Dan Vega:
What's new in Spring Security 6
Spring安全性:升级过时的WebSecurityConfigurerAdapter
配置HTTP安全性更重要的是,如果我们想避免HTTP安全性的过时,我们可以创建一个SecurityFilterChain bean。
例如,假设我们希望根据角色来保护端点,并且只为登录保留匿名入口点。我们还将任何删除请求限制为管理员角色。我们将使用基本身份验证:

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http.csrf()
      .disable()
      .authorizeRequests()
      .antMatchers(HttpMethod.DELETE)
      .hasRole("ADMIN")
      .antMatchers("/admin/**")
      .hasAnyRole("ADMIN")
      .antMatchers("/user/**")
      .hasAnyRole("USER", "ADMIN")
      .antMatchers("/login/**")
      .anonymous()
      .anyRequest()
      .authenticated()
      .and()
      .httpBasic()
      .and()
      .sessionManagement()
      .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

    return http.build();
}

HTTP安全性将构建一个DefaultSecurityFilterChain对象来加载请求匹配器和筛选器。
spring Security: Upgrading the Deprecated WebSecurityConfigurerAdapter

相关问题