org.springframework.beans.factory.UnsatisfiedDependencyException: 创建名称为'authorizationServerConfig'的bean时出错:不满意 通过字段“ authenticationManager”表示的依赖关系;嵌套的 例外是 org.springframework.beans.factory.NoSuchBeanDefinitionException:否 类型的合格豆 'org.springframework.security.authentication.AuthenticationManager' 可用:至少有1个符合自动装配条件的bean 候选人。依赖注释: {@ org.springframework.beans.factory.annotation.Autowired(required = true)}
嗨,我有spring-boot Web应用程序,我正在尝试通过以下示例使用Spring Security和OAuth2实现登录/授权-身份验证系统:https://www.youtube.com/watch?v=dTAgI_UsqMg&t=1307s
每件事都很好,但是当我运行我的应用程序时,我得到一个异常,说它甚至无法找到用于AuthenticationManager的bean,甚至认为它在那里并自动接线。
在互联网上看,这似乎是Oauth2的已知问题或常见问题,但我找不到正确的解决方法
有人建议“暴露” AuthenticationManager bean,我不确定在这种情况下这意味着什么
这是我当前在github上的项目的链接:https://github.com/chenchi13/spring-boot-cms
有人可以帮我解决这个问题吗?
引发异常的类:
@EnableResourceServer
@Configuration
public class ResourceServerConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService customUserDetailService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers()
.antMatchers("/login", "/oauth/authorize")
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.formLogin()
.permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//auth.parentAuthenticationManager(authenticationManager)
// .inMemoryAuthentication()
// .withUser("Peter")
// .password("peter")
// .roles("USER");
auth.parentAuthenticationManager(authenticationManager)
.userDetailsService(customUserDetailService);
}
}
授权服务器配置:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("ClientId")
.secret("secret")
.authorizedGrantTypes("authorization_code")
.scopes("user_info")
.autoApprove(true);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
}
答案 0 :(得分:1)
从ResourceServerConfig中删除以下内容:
@Autowired
private AuthenticationManager authenticationManager;
并更改配置方法,如下所示:
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailService);
}
还要在ResourceServerConfig中覆盖以下方法:
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
这应该可以解决您的问题。
答案 1 :(得分:0)
我认为您缺少authenticationManager bean的定义。我在下面添加了几行,请检查一次:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// Other Details
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(new ShaPasswordEncoder(encodingStrength));
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.httpBasic()
.realmName(securityRealm)
.and()
.csrf()
.disable();
}
// Other Details
}
您可以通过下面的参考链接。
参考:Spring Boot with JWT and OAuth2.0
希望这对您有所帮助:)