BearerTokenAccessDeniedHandler类定义未找到

时间:2018-12-25 05:24:01

标签: java spring spring-boot spring-security spring-security-oauth2

我正在尝试使用Spring Boot 2.1.1和Spring sec 5作为OAuth2资源服务器的演示项目,但是当我尝试运行以下项目时

ENV

  • Spring Boot 2.1.1发布

  • Spring Security Core 5.1.2

  • Java 8

代码 

    @RestController
    @SpringBootApplication
   //  @EnableResourceServer
    public class MyApplication {

    public static void main(String[] args) {
        SpringApplication.run(MyApplication.class, args);
    }
    @GetMapping("/hello")
    public String sayHello() {
    return "Hello World";
    }

    @Configuration
    static class MyWebSecurityConfigurerAdapter extends 
    WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests().anyRequest().authenticated()
                .and()
                .oauth2ResourceServer().jwt(); // <--- throws error

        }
      }

    }

哪个会引发错误

  

工厂方法“ springSecurityFilterChain”抛出异常;嵌套的异常是java.lang.NoClassDefFoundError:org / springframework / security / oauth2 / server / resource / web / access / BearerTokenAccessDeniedHandler

已构建

我的依赖看起来像

dependencies {

implementation('org.springframework.boot:spring-boot-starter-web')
implementation('org.springframework.boot:spring-boot-starter-security')
implementation(group: 'org.springframework.security.oauth.boot', name: 'spring-security-oauth2-autoconfigure', version: '2.1.1.RELEASE')

implementation(group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.3.4.RELEASE')
}

4 个答案:

答案 0 :(得分:0)

我也是

但是我在org.springframework.boot:spring-boot-starter-oauth2-resource-server

中找到了它

顺便说一句,我导入了org.springframework.boot:spring-boot-starter-oauth2-resource-server软件包并使用:

        http
                .authorizeRequests()
                .antMatchers("/**").hasAnyRole("admin")
                .anyRequest().authenticated();
                //.and()
                //.oauth2ResourceServer() don't use it,
                //.jwt();
                // Do not use it, otherwise you must define 
                // jwtDecoderByIssuerUri or jwtDecoderByJwkKeySetUri

如果要启用oauth2ResourceServer,则可能需要等待Spring Security 5.3.x。

也许与next-generation-oauth-2-0-support-with-spring-security

有关

答案 1 :(得分:0)

当我添加spring-boot-starter-oauth2-resource-server依赖项时,异常消失了

答案 2 :(得分:0)

我面临着同样的问题,希望我找到的解决方案能对某人有所帮助。

使用spring-security-oauth2并启用资源服务器时,将WebSecurityConfigurerAdapter用于端点安全配置并覆盖方法public void configure(HttpSecurity security) throws Exception{}

答案 3 :(得分:0)

我赞成其他答案,但是我在build.gradle文件中使用了“实现” 

implementation 'org.springframework.security:spring-security-oauth2-resource-server'

编译配置仍然存在,但不应使用,因为它不能提供api和实现配置所提供的保证。

以上引用来自: (({https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_separation))

我在下面的完整文件

plugins {
    id 'java'
}

group 'com.mycompany.mything'
version '1.0-SNAPSHOT'

sourceCompatibility = 1.8


repositories {
    mavenCentral()
}

apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management'


dependencies {

implementation 'org.springframework.boot:spring-boot-starter-data-rest'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'



implementation 'org.springframework.boot:spring-boot-starter-security'
//    implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.security:spring-security-oauth2-resource-server'
implementation 'org.springframework.security:spring-security-oauth2-jose'
//    implementation 'org.springframework.security:spring-security-config'






}

也可以看到

https://medium.com/mindorks/implementation-vs-api-in-gradle-3-0-494c817a6fa

实现与api讨论

相关问题
最新问题