我正在尝试使用数据库身份验证为我的Rest服务配置Spring Security。但我收到以下错误。
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name
> 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration':
> Injection of autowired dependencies failed; nested exception is
> java.lang.IllegalStateException: @Order on WebSecurityConfigurers must
> be unique. Order of 2147483640 was already used, so it cannot be used
> on com.be.api.rest.config.ApplicationSecurity@1d0e7bad too. at
> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:334)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1214)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:543)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:368)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1123)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1018)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:510)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
> ~[spring-context-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:326)
> ~[spring-web-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:235)
> ~[spring-web-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:199)
> ~[spring-web-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:279)
> ~[tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:109)
> ~[tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4658)
> [tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5277)
> [tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
> [tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408)
> [tomcat-embed-core-8.0.33.jar:8.0.33] at
> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398)
> [tomcat-embed-core-8.0.33.jar:8.0.33] at
> java.util.concurrent.FutureTask.run(Unknown Source) [na:1.8.0_60] at
> java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
> [na:1.8.0_60] at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
> [na:1.8.0_60] at java.lang.Thread.run(Unknown Source) [na:1.8.0_60]
> Caused by: java.lang.IllegalStateException: @Order on
> WebSecurityConfigurers must be unique. Order of 2147483640 was already
> used, so it cannot be used on
> com.be.api.rest.config.ApplicationSecurity@1d0e7bad too. at
> org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.setFilterChainProxySecurityConfigurer(WebSecurityConfiguration.java:148)
> ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[na:1.8.0_60] at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source) ~[na:1.8.0_60] at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> ~[na:1.8.0_60] at java.lang.reflect.Method.invoke(Unknown Source)
> ~[na:1.8.0_60] at
> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:654)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] at
> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:331)
> ~[spring-beans-4.2.6.RELEASE.jar:4.2.6.RELEASE] ... 31 common frames
> omitted
我检查了几个帖子并尝试了多种方法,仍然无法解决这个问题。
我的安全配置类
@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
@Autowired
private RESTAuthenticationEntryPoint authenticationEntryPoint;
@Autowired
private RESTAuthenticationFailureHandler authenticationFailureHandler;
@Autowired
private RESTAuthenticationSuccessHandler authenticationSuccessHandler;
@Autowired
private DaoAuthenticationProvider authenticationProvider;
@Autowired
@Qualifier("customUserDetailsService")
private UserDetailsService userDetailsService;
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
auth.authenticationProvider(authenticationProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/rest/**").authenticated();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.formLogin().successHandler(authenticationSuccessHandler);
http.formLogin().failureHandler(authenticationFailureHandler);
http.logout().logoutSuccessUrl("/");
// CSRF tokens handling
http.addFilterAfter(new CsrfTokenResponseHeaderBindingFilter(), CsrfFilter.class);
}
}
我尝试删除@Order注释,添加@EnableWebSecurity,@ EnableWebMvcSecurity。但他们都没有工作。
有什么建议吗?
整个源代码位于:https://github.com/tpulimoottil/bep
非常感谢任何帮助。我有点被困在这里。