获取错误,指出在SPring Boot 2.1.1中扩展GlobalMethodSecurityConfiguration时已经定义了“ methodSecurityInterceptor”

时间:2018-12-05 20:39:10

标签: java spring spring-boot security spring-security

我要覆盖class Paypal extends CI_Controller { 类,但只能覆盖一种方法:GlobalMethodSecurityConfiguration

当我尝试运行该应用程序时,我得到:

  

说明:

     

无法注册在类路径资源[org / springframework / security / config / annotation / method / configuration / GlobalMethodSecurityConfiguration.class]中定义的bean'methodSecurityInterceptor'。在类路径资源[com / testing / config / MyMethodSecurityConfig.class]中已经定义了具有该名称的Bean,并且禁止了覆盖。

     

操作:

     

考虑重命名其中一个bean或通过设置spring.main.allow-bean-definition-overriding = true启用覆盖

配置类

当我不重写该基本方法时为什么这样做?如何在不出现此错误的情况下覆盖protected MethodSecurityExpressionHandler createExpressionHandler()

MethodSecurityExpressionHandler

表达式处理程序 

import com.testing.AadMethodSecurityExpressionHandler;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class MyMethodSecurityConfig extends GlobalMethodSecurityConfiguration
{
    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler()
    {
        return new MyMethodSecurityExpressionHandler();
    }
}

表达式根 

import org.aopalliance.intercept.MethodInvocation;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;

public class MyMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler
{
    @Override
    protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, MethodInvocation invocation)
    {
        MyMethodSecurityExpressionRoot root = new MyMethodSecurityExpressionRoot( authentication );
        root.setPermissionEvaluator( getPermissionEvaluator() );
        root.setTrustResolver( getTrustResolver() );
        root.setRoleHierarchy( getRoleHierarchy() );

        return root;
    }
}

1 个答案:

答案 0 :(得分:1)

对于任何为我遇到此问题的人,解决方案是删除在我已设置的WebSecurityConfigurer上配置的重复@EnableGlobalMethodSecurity批注。

相关问题
最新问题