我正在尝试将项目从Spring 4.3升级到5.0,并遇到Spring Security OAuth中似乎存在的问题。特别是一堆嵌套的Bean创建失败,形式为:
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'oauth2EndpointHandlerMapping' defined in class path resource [org/springframework/security/oauth2/config/annotation/web/configuration/AuthorizationServerEndpointsConfiguration.class]: Invocation of init method failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/web/method/HandlerMethodSelector
...
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'oauth2EndpointHandlerMapping' defined in class path resource [org/springframework/security/oauth2/config/annotation/web/configuration/AuthorizationServerEndpointsConfiguration.class]: Invocation of init method failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/web/method/HandlerMethodSelector
...
Caused by: java.lang.NoClassDefFoundError: org/springframework/web/method/HandlerMethodSelector
似乎 org.springframework.web.method.HandlerMethodSelector 在较晚的Spring 4.x版本中已过时,然后在Spring 5.x中完全删除。
我要共同努力的实际版本是:
Spring Security OAuth版本是最新版本,所以我不确定下一步要去哪里。难道没有与Spring 5.x兼容的版本吗?如果是这样,我有什么选择?
答案 0 :(得分:0)
如该弹簧在类的javadoc中指出的那样,从版本4.3开始不推荐使用。建议使用而不是 MethodIntrospector
package org.springframework.web.method;
import java.lang.reflect.Method;
import java.util.Set;
import org.springframework.core.MethodIntrospector;
import org.springframework.util.ReflectionUtils.MethodFilter;
/**
* Defines the algorithm for searching handler methods exhaustively including interfaces and parent
* classes while also dealing with parameterized methods as well as interface and class-based proxies.
*
* @author Rossen Stoyanchev
* @since 3.1
* @deprecated as of Spring 4.2.3, in favor of the generalized and refined {@link MethodIntrospector}
*/
@Deprecated
public abstract class HandlerMethodSelector {
/**
* Select handler methods for the given handler type.
* <p>Callers define handler methods of interest through the {@link MethodFilter} parameter.
* @param handlerType the handler type to search handler methods on
* @param handlerMethodFilter a {@link MethodFilter} to help recognize handler methods of interest
* @return the selected methods, or an empty set
* @see MethodIntrospector#selectMethods
*/
public static Set<Method> selectMethods(Class<?> handlerType, MethodFilter handlerMethodFilter) {
return MethodIntrospector.selectMethods(handlerType, handlerMethodFilter);
}
}
如版本5迁移指南中所述:
在代码库中删除了许多不推荐使用的类和方法。
答案 1 :(得分:0)
Spring Security OAuth 2.3.3已通过up to Spring Security 5.0.3测试。 (您可以尝试使用列出的here和here的依赖项,以消除研究过程中的噪音。)
也就是说,Spring Security OAuth2自动配置项目builds against Spring Boot 2.1.0使用Spring Security 5.1.0和Spring Security OAuth 2.3.4,因此我不会遇到任何不可避免的类路径问题。
如果您还没有,请仔细检查您的依赖树以查看是否存在意外的依赖。
或者,如果您可以用最少的样本进行复制,则可以将其发布-这样可能会使问题更加清楚。
最后,Spring Security 5.x系列发布了一个新的,完全集成的OAuth模块,该模块将Spring Security OAuth插件库置于维护模式。您可以跟踪feature diff来查看5.1是否具有您需要的功能才能删除该插件。