具有spring security的spring boot:创建名为’securityFilterChainRegistration’的bean时出错
我试图让spring security filterchain正常工作但是spring boot似乎忽略了我自己的bean并使用了WebSecurityConfiguration 。
这些是我得到的例外(从嵌入式tomcat启动失败开始):
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityFilterChainRegistration' defined in class path resource [org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.class]: Unsatisfied dependency expressed through constructor argument with index 0 of type [javax.servlet.Filter]... Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed;... Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy53 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean Caused by: java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy53 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean
很抱歉没有显示完整的堆栈跟踪。
我的run-class中的安全过滤链bean:
@Bean public FilterRegistrationBean securityFilterChainRegistration() { DelegatingFilterProxy delegatingFilterProxy = new DelegatingFilterProxy(); delegatingFilterProxy.setTargetBeanName(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME); FilterRegistrationBean registrationBean = new FilterRegistrationBean(delegatingFilterProxy); registrationBean.setName(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME); registrationBean.addUrlPatterns("/*"); return registrationBean; }
运行类具有以下注释:
@SpringApplicationConfiguration @EnableAutoConfiguration @Configuration @MultipartConfig @ComponentScan
我的application.properties没有spring-security密钥。
有谁知道解决方案? 谢谢。
编辑:完整Stacktrace:
org.springframework.context.ApplicationContextException: Unable to start embedded container; nested exception is org.springframework.boot.context.embedded.EmbeddedServletContainerException: Unable to start embedded Tomcat at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:124) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:474) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109) at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:691) at org.springframework.boot.SpringApplication.run(SpringApplication.java:321) at org.springframework.boot.SpringApplication.run(SpringApplication.java:961) at org.springframework.boot.SpringApplication.run(SpringApplication.java:950) ... Caused by: org.springframework.boot.context.embedded.EmbeddedServletContainerException: Unable to start embedded Tomcat at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.initialize(TomcatEmbeddedServletContainer.java:97) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.(TomcatEmbeddedServletContainer.java:74) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getTomcatEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:374) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:150) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.createEmbeddedServletContainer(EmbeddedWebApplicationContext.java:148) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:121) ... 7 common frames omitted Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:602) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1111) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1006) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:198) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.getOrderedBeansOfType(ServletContextInitializerBeans.java:176) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAsRegistrationBean(ServletContextInitializerBeans.java:141) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAsRegistrationBean(ServletContextInitializerBeans.java:136) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAdaptableBeans(ServletContextInitializerBeans.java:119) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.(ServletContextInitializerBeans.java:69) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.getServletContextInitializerBeans(EmbeddedWebApplicationContext.java:216) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext$1.onStartup(EmbeddedWebApplicationContext.java:202) at org.springframework.boot.context.embedded.tomcat.ServletContextInitializerLifecycleListener.lifecycleEvent(ServletContextInitializerLifecycleListener.java:64) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5095) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1409) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1399) at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:591) ... 27 common frames omitted Caused by: java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at java.lang.reflect.Proxy.defineClass0(Native Method) at java.lang.reflect.Proxy.getProxyClass0(Unknown Source) at java.lang.reflect.Proxy.newProxyInstance(Unknown Source) at org.springframework.aop.framework.JdkDynamicAopProxy.getProxy(JdkDynamicAopProxy.java:121) at org.springframework.aop.framework.ProxyFactoryBean.getProxy(ProxyFactoryBean.java:368) at org.springframework.aop.framework.ProxyFactoryBean.getSingletonInstance(ProxyFactoryBean.java:322) at org.springframework.aop.framework.ProxyFactoryBean.getObject(ProxyFactoryBean.java:246) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.lazyBean(AuthenticationConfiguration.java:118) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.getAuthenticationMangerBean(AuthenticationConfiguration.java:122) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.getAuthenticationManager(AuthenticationConfiguration.java:81) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.authenticationManager(WebSecurityConfigurerAdapter.java:229) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:171) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:276) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:61) at org.springframework.boot.actuate.autoconfigure.ManagementSecurityAutoConfiguration$ManagementWebSecurityConfigurerAdapter$$EnhancerBySpringCGLIB$$d563c0b2.init() at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:369) at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:322) at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:39) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:92) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3.CGLIB$springSecurityFilterChain$3() at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3$$FastClassBySpringCGLIB$$a33c0bba.invoke() at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:309) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3.springSecurityFilterChain() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ... 28 common frames omitted 2014-12-29 15:20:39.476 ERROR 5736 --- [ main] osboot.SpringApplication : Application startup failed org.springframework.context.ApplicationContextException: Unable to start embedded container; nested exception is org.springframework.boot.context.embedded.EmbeddedServletContainerException: Unable to start embedded Tomcat at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:124) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:474) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:109) at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:691) at org.springframework.boot.SpringApplication.run(SpringApplication.java:321) at org.springframework.boot.SpringApplication.run(SpringApplication.java:961) at org.springframework.boot.SpringApplication.run(SpringApplication.java:950) ... Caused by: org.springframework.boot.context.embedded.EmbeddedServletContainerException: Unable to start embedded Tomcat at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.initialize(TomcatEmbeddedServletContainer.java:97) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.(TomcatEmbeddedServletContainer.java:74) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getTomcatEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:374) at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:150) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.createEmbeddedServletContainer(EmbeddedWebApplicationContext.java:148) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:121) ... 7 common frames omitted Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:602) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1111) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1006) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:298) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:198) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.getOrderedBeansOfType(ServletContextInitializerBeans.java:176) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAsRegistrationBean(ServletContextInitializerBeans.java:141) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAsRegistrationBean(ServletContextInitializerBeans.java:136) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.addAdaptableBeans(ServletContextInitializerBeans.java:119) at org.springframework.boot.context.embedded.ServletContextInitializerBeans.(ServletContextInitializerBeans.java:69) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.getServletContextInitializerBeans(EmbeddedWebApplicationContext.java:216) at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext$1.onStartup(EmbeddedWebApplicationContext.java:202) at org.springframework.boot.context.embedded.tomcat.ServletContextInitializerLifecycleListener.lifecycleEvent(ServletContextInitializerLifecycleListener.java:64) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5095) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1409) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1399) at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:591) ... 27 common frames omitted Caused by: java.lang.IllegalAccessError: class org.springframework.security.config.annotation.authentication.configuration.$Proxy49 cannot access its superinterface org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyBean at java.lang.reflect.Proxy.defineClass0(Native Method) at java.lang.reflect.Proxy.getProxyClass0(Unknown Source) at java.lang.reflect.Proxy.newProxyInstance(Unknown Source) at org.springframework.aop.framework.JdkDynamicAopProxy.getProxy(JdkDynamicAopProxy.java:121) at org.springframework.aop.framework.ProxyFactoryBean.getProxy(ProxyFactoryBean.java:368) at org.springframework.aop.framework.ProxyFactoryBean.getSingletonInstance(ProxyFactoryBean.java:322) at org.springframework.aop.framework.ProxyFactoryBean.getObject(ProxyFactoryBean.java:246) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.lazyBean(AuthenticationConfiguration.java:118) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.getAuthenticationMangerBean(AuthenticationConfiguration.java:122) at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration.getAuthenticationManager(AuthenticationConfiguration.java:81) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.authenticationManager(WebSecurityConfigurerAdapter.java:229) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:171) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:276) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:61) at org.springframework.boot.actuate.autoconfigure.ManagementSecurityAutoConfiguration$ManagementWebSecurityConfigurerAdapter$$EnhancerBySpringCGLIB$$d563c0b2.init() at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:369) at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:322) at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:39) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:92) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3.CGLIB$springSecurityFilterChain$3() at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3$$FastClassBySpringCGLIB$$a33c0bba.invoke() at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:309) at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$3cd4bac3.springSecurityFilterChain() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ... 28 common frames omitted
我的pom.xml依赖项:
org.springframework.boot spring-boot-starter-web 1.2.0.RELEASE org.springframework.boot spring-boot-starter-remote-shell 1.2.0.RELEASE org.springframework spring-core ${org.springframework.version} org.springframework spring-context ${org.springframework.version} org.springframework spring-web ${org.springframework.version} org.springframework spring-tx ${org.springframework.version} org.springframework spring-orm ${org.springframework.version} org.springframework spring-test ${org.springframework.version} org.springframework spring-webmvc ${org.springframework.version} org.springframework spring-jdbc ${org.springframework.version} org.springframework.security spring-security-core ${org.springframework.security.version} org.springframework.security spring-security-web ${org.springframework.security.version} org.springframework.security spring-security-config ${org.springframework.security.version} org.springframework.data spring-data-mongodb <!-- 1.5.2.RELEASE --> 1.6.1.RELEASE org.mongodb mongo-java-driver 2.12.3 org.apache.tomcat tomcat-servlet-api 8.0.15 org.apache.tomcat tomcat-jsp-api 8.0.15
编辑2:问题出在我的安全类中吗?:
@Configuration @EnableWebMvcSecurity public class ApplicationSecurity extends WebSecurityConfigurerAdapter { @Autowired private MongoTemplate mongoTemplate; @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/register*", "/login", "/lostPassword").anonymous() .antMatchers("/admin","/admin**").hasRole("ADMIN") .antMatchers("/user", "/user/**", "/page", "/page/**").hasAnyRole("USER", "COMPANY_USER", "COMPANY_MASTER", "ADMIN") .antMatchers("/company", "/company/**").hasAnyRole("COMPANY_USER", "COMPANY_MASTER", "ADMIN") .anyRequest().authenticated() .and() .formLogin().loginPage("/login").failureUrl("/login?error=true").usernameParameter("username").passwordParameter("password").loginProcessingUrl("/security_check") .successHandler(new MyAuthenticationSuccessHandler(this.mongoTemplate)); http.logout().logoutUrl("/logout").invalidateHttpSession(true).logoutSuccessUrl("/"); } @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); provider.setUserDetailsService(new MyUserDetailsService(this.mongoTemplate)); provider.setPasswordEncoder(new ShaPasswordEncoder(256)); auth.authenticationProvider(provider); } }
编辑3:应用程序正在运行,但是当我通过浏览器获取应用程序时,我得到:
Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback. Mon Dec 29 17:29:29 CET 2014 There was an unexpected error (type=Not Found, status=404). No message available
什么现在错了?
首先,您的依赖项列表包括Spring,Spring Security等的明确依赖项。请不要使用Spring Boot启动程序poms来获得Spring的受支持版本。 因此,删除它们并将spring-boot-starter-security和spring-boot-starter-data-mongodb到依赖项列表中。
org.springframework.boot spring-boot-starter-web 1.2.0.RELEASE org.springframework.boot spring-boot-starter-security 1.2.0.RELEASE org.springframework.boot spring-boot-starter-data-mongodb 1.2.0.RELEASE org.springframework.boot spring-boot-starter-remote-shell 1.2.0.RELEASE
那些依赖应该这样做。 如果要使用spring-boot-starter-parent作为项目的父项,则可以从依赖项中删除version元素。 这也可以很容易地指定您想要使用的tomcat版本,只需在
8.0.15
接下来删除@EnableWebMvcSecurity注释,因为Spring Boot已经完成了注释,还添加了一个@Order注释来覆盖Spring Boot提供的配置。
@Configuration @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER) public class ApplicationSecurity extends WebSecurityConfigurerAdapter { ... }
与配置相比,您可以简单地使用userDetails方法设置自定义实现,而不是创建DaoAuthenticationProvider的新实例。
@Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth .userDetailsService(new MyUserDetailsService(this.mongoTemplate)) .passwordEncoder(new ShaPasswordEncoder(256)); }