我有一个 Spring Boot 应用程序,可以在运行时运行,但是当我尝试使用 MockMVC 进行一些测试时,出现错误。该错误是由 SecurityConfig 中的一行触发的:
val publicUrls = arrayOf(
"/telemetry/**",
"/login",
"/logout"
)
override fun configure(http: HttpSecurity) {
http
.csrf().ignoringAntMatchers(*publicUrls)
.and()
.authorizeRequests()
.requestMatchers(EndpointRequest.to("status", "info")).permitAll()
// The following line is the problem
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll() // <-- causes error
.antMatchers(*publicUrls).permitAll()
.antMatchers("/system/**").hasRole("SUPER")
.antMatchers("/admin/**").hasRole("ADMIN")
.anyRequest().authenticated()
//.and()
//.oauth2Login();
}
在没有允许访问静态资源的线路的情况下,测试可以正常工作。有了这条线,我得到下面的错误(带有堆栈跟踪)。如果我添加一个实现
DispatcherServletPath
并用 @Component
注释的类,那么我会收到错误 expected single matching bean but found 2:
。
测试代码为:
@SpringBootTest
@AutoConfigureMockMvc
@WebAppConfiguration
@ComponentScan("com.controlj.monitor.service")
@RunWith(SpringJUnit4ClassRunner::class)
class SampleTest {
@MockBean
private lateinit var mockTelemetryService: TelemetryService
@Autowired
private lateinit var springSecurityFilterChain: FilterChainProxy
private lateinit var mvc: MockMvc
@Before
fun setup() {
mvc = MockMvcBuilders.standaloneSetup(TelemetryEndpoint(mockTelemetryService))
.apply<StandaloneMockMvcBuilder>(SecurityMockMvcConfigurers.springSecurity(springSecurityFilterChain))
.build()
}
@Test
fun testTelemetryApi() {
val postMapping = TelemetryEndpoint::post.findAnnotation<PostMapping>()?.value?.first()
mvc.perform(post(postMapping, "badKey", 123456)
.contentType(MediaType.APPLICATION_JSON))
.andExpect(status().`is`(404))
}
}
我该如何解决这个问题?
org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.boot.autoconfigure.web.servlet.DispatcherServletPath' available
at org.springframework.beans.factory.support.StaticListableBeanFactory.getBean(StaticListableBeanFactory.java:172)
at org.springframework.test.web.servlet.setup.StubWebApplicationContext.getBean(StubWebApplicationContext.java:176)
at org.springframework.boot.security.servlet.ApplicationContextRequestMatcher.lambda$createContext$1(ApplicationContextRequestMatcher.java:95)
at org.springframework.boot.autoconfigure.security.servlet.StaticResourceRequest$StaticResourceRequestMatcher.initialized(StaticResourceRequest.java:140)
at org.springframework.boot.security.servlet.ApplicationContextRequestMatcher.getContext(ApplicationContextRequestMatcher.java:73)
at org.springframework.boot.security.servlet.ApplicationContextRequestMatcher.matches(ApplicationContextRequestMatcher.java:57)
at org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource.getAttributes(DefaultFilterInvocationSecurityMetadataSource.java:95)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:197)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:74)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.mock.web.MockFilterChain.doFilter(MockFilterChain.java:133)
at org.springframework.test.web.servlet.MockMvc.perform(MockMvc.java:182)
尝试为您自己的
DispatcherServletPath
实现命名
@Component("dispatcherServlet")
public class Your_Dispatch_Servlet implements DispatcherServletPath {
}
多年来我一直在为这件事烦恼。对我来说,一些测试的通过或失败取决于我如何运行它们,或者我是否一起或单独运行它们 - 这显然并不理想。但我的安全配置中的同一行似乎导致了我的问题。
我确信这不是最终的解决方案,但作为目前的解决方法,我已经替换了
PathRequest.toStaticResources().atCommonLocations()
与
new AntPathRequestMatcher("/webjars/**", "GET")
我只使用来自 WebJars 的静态资源,所以这足以让我暂时克服这个问题。不过,我想问题实际上出在其他地方;我很想知道到底发生了什么。