我是Spring Boot的新手。我正在使用Angular和Spring Boot开发一个基本的Crud应用程序。 我正在使用的教程是https://www.javainuse.com/spring/ang7-jwt 在我应用JWT身份验证之前,一切工作正常。 在运行时,它给了我一个我无法解决的错误。
我的堆栈轨迹:
2020-06-17 19:30:03.203 INFO 10920 --- [ main] c.j.SpringBootHelloWorldApplication
: Starting SpringBootHelloWorldApplication on DESKTOP-GIIJPHC with PID 10920 (started by Dell in
E:\Spring Boot\angular-spring)
2020-06-17 19:30:03.213 INFO 10920 --- [ main] c.j.SpringBootHelloWorldApplication :
No active profile set, falling back to default profiles: default
2020-06-17 19:30:04.715 INFO 10920 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer :
Tomcat initialized with port(s): 8081 (http)
2020-06-17 19:30:04.747 INFO 10920 --- [ main] o.apache.catalina.core.StandardService :
Starting service [Tomcat]
2020-06-17 19:30:04.747 INFO 10920 --- [ main] org.apache.catalina.core.StandardEngine :
Starting Servlet Engine: Apache Tomcat/9.0.13
2020-06-17 19:30:04.779 INFO 10920 --- [ main] o.a.catalina.core.AprLifecycleListener :
The APR based Apache Tomcat Native library which allows optimal performance in production
environments was not found on the java.library.path: [C:\Program
Files\Java\jre1.8.0_251\bin;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:/Program
Files/Java/jre1.8.0_251/bin/server;C:/Program Files/Java/jre1.8.0_251/bin;C:/Program
Files/Java/jre1.8.0_251/lib/amd64;C:\Program Files
Initializing Spring embedded WebApplicationContext
2020-06-17 19:30:04.904 INFO 10920 --- [ main] o.s.web.context.ContextLoader :
Root WebApplicationContext: initialization completed in 1600 ms
2020-06-17 19:30:05.091 WARN 10920 --- [ main] ConfigServletWebServerApplicationContext :
Exception encountered during context initialization - cancelling refresh attempt:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration':
Injection of autowired dependencies failed; nested exception is java.lang.IllegalStateException:
@Order on WebSecurityConfigurers must be unique. Order of 100 was already used on
com.javainuse.SecurityConfig$$EnhancerBySpringCGLIB$$9bb43797@7e11ab3d, so it cannot be used on
com.javainuse.config.WebSecurityConfig$$EnhancerBySpringCGLIB$$155c835f@5fa47fea too.
2020-06-17 19:30:05.093 INFO 10920 --- [ main] o.apache.catalina.core.StandardService :
Stopping service [Tomcat]
2020-06-17 19:30:05.104 INFO 10920 --- [ main] ConditionEvaluationReportLoggingListener :
org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration':
Injection of autowired dependencies failed; nested exception is java.lang.IllegalStateException:
@Order on WebSecurityConfigurers must be unique. Order of 100 was already used on
com.javainuse.SecurityConfig$$EnhancerBySpringCGLIB$$9bb43797@7e11ab3d, so it cannot be used on
com.javainuse.config.WebSecurityConfig$$EnhancerBySpringCGLIB$$155c835f@5fa47fea too.
我在文件的任何地方都没有使用@Order批注。所以我不知道为什么会给我这些错误。 可以帮助吗? 在此处共享我的一些文件: application.properties:
jwt.secret=javainuse
jwt.get.token.uri=/authenticate
spring.main.allow-bean-definition-overriding=true
SecurityConfig.java:
package com.javainuse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().
authorizeRequests().antMatchers(HttpMethod.OPTIONS,
"/**").permitAll().anyRequest().authenticated()
.and().httpBasic();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("USER");
}
}
WEbSecurityConfig.java:
// I have not mentioned the import statements//
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
@Autowired
private UserDetailsService jwtUserDetailsService;
@Autowired
private JwtRequestFilter jwtRequestFilter;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// configure AuthenticationManager so that it knows from where to load
// user for matching credentials
// Use BCryptPasswordEncoder
auth.userDetailsService(jwtUserDetailsService).passwordEncoder(passwordEncoder());
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
// We don't need CSRF for this example
httpSecurity.csrf().disable()
// dont authenticate this particular request
.
authorizeRequests().antMatchers("/authenticate").permitAll().antMatchers(HttpMethod.OPTIONS,
"/**")
.permitAll().
// all other requests need to be authenticated
anyRequest().authenticated().and().
// make sure we use stateless session; session won't be used to
// store user's state.
exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// Add a filter to validate the tokens with every request
httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
}
}