1. 技术文章
  2. Getting the error “No bean named 'springSecurityFilterChain' available” in Spring/Jersey webapp

Getting the error “No bean named 'springSecurityFilterChain' available” in Spring/Jersey webapp

主宰稳场 提交于 2019-12-25 01:44:29

问题


I am trying to set up method level security via annotations for my Jersey managed REST webservice. I added a @PreAuthorize("hasRole('USER')") annotation to my web service interface where I define the endpoints.

I have added a security configuration class, and a security initializer class to no avail.

Username and password has been redacted.

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Inject
    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;

    @Bean
    public InMemoryUserDetailsManager inMemoryUserDetailsManager() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername(user).password(encoder().encode(password)).roles("USER").build());
        return manager;
    }

    @Inject
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(inMemoryUserDetailsManager()).passwordEncoder(encoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests()
                .antMatchers("/rest/coupons/token")
                .authenticated()
                .and()
                .httpBasic()
                .authenticationEntryPoint(restAuthenticationEntryPoint)
                .and()
                .csrf()
                .disable();
    }

    @Bean
    public PasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
    }
}`

`@Order(1)
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {}

My webapp configuration is annotated like this:

@Configuration
@Import({
    CouponManagementServiceConfiguration.class,
    CouponRedemptionServiceConfiguration.class,
    AuthFilterConfiguration.class,
    PlatformCommonWsConfiguration.class,
    SecurityConfiguration.class
})
@ComponentScan(basePackageClasses = CouponManagementWebServiceConfiguration.class)
@EnableWebSecurity@Configuration
@Import({
    CouponManagementServiceConfiguration.class,
    CouponRedemptionServiceConfiguration.class,
    AuthFilterConfiguration.class,
    PlatformCommonWsConfiguration.class,
    SecurityConfiguration.class
})
@ComponentScan(basePackageClasses = CouponManagementWebServiceConfiguration.class)
@EnableWebSecurity

When I add the @PreAuthorize("hasRole('USER')") annotation to the interface for the rest endpoint, I get the following stack trace:

org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' available
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:774)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1212)
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:294)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:204)
        at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1091)
        at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:337)
        at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:242)
        at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:238)
        at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:285)
        at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:112)
        at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4615)
        at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5262)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:754)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:730)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:744)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:980)
        at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1851)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)

What am I missing?

来源:https://stackoverflow.com/questions/57880952/getting-the-error-no-bean-named-springsecurityfilterchain-available-in-sprin

标签
java
spring-security
jersey
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!