org.springframework.beans.factory.UnsatisfiedDependencyException:创建名为'authorizationServerConfig'的bean时出错:通过字段'authenticationManager'表示的不满意的依赖关系;嵌套异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:没有类型'org.springframework.security.authentication.AuthenticationManager'的限定bean可用:预计至少有1个bean可以作为autowire候选者。依赖注释:{@ org.springframework.beans.factory.annotation.Autowired(required = true)}
嗨我有spring-boot网络应用程序,我正在尝试使用Spring Security和OAuth2实现登录/授权 - 身份验证系统,方法如下:https://www.youtube.com/watch?v=dTAgI_UsqMg&t=1307s
每件事情都很好但是当我运行我的应用程序时,我得到一个例外,说它无法为AuthenticationManager找到bean,即使它认为它在那里并自动装配。
通过互联网查看这似乎是Oauth2的一个知道或常见问题,但我找不到正确的解决方法
有些人建议“公开”AuthenticationManager bean,我不确定在这种情况下这意味着什么
这是我在github上的当前项目的链接:https://github.com/chenchi13/spring-boot-cms
任何人都可以帮我解决这个问题吗?
抛出异常的类:
@EnableResourceServer
@Configuration
public class ResourceServerConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService customUserDetailService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers()
.antMatchers("/login", "/oauth/authorize")
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.formLogin()
.permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//auth.parentAuthenticationManager(authenticationManager)
// .inMemoryAuthentication()
// .withUser("Peter")
// .password("peter")
// .roles("USER");
auth.parentAuthenticationManager(authenticationManager)
.userDetailsService(customUserDetailService);
}
}
授权服务器配置:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("ClientId")
.secret("secret")
.authorizedGrantTypes("authorization_code")
.scopes("user_info")
.autoApprove(true);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
}
从ResourceServerConfig中删除以下内容:
@Autowired
private AuthenticationManager authenticationManager;
并更改如下配置方法:
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailService);
}
还要在ResourceServerConfig中覆盖以下方法:
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
这应该可以解决您的问题。
我认为你缺少authenticationManager bean的定义。我在下面添加以下行,请查看一次:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// Other Details
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(new ShaPasswordEncoder(encodingStrength));
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.httpBasic()
.realmName(securityRealm)
.and()
.csrf()
.disable();
}
// Other Details
}
您可以通过以下参考链接。
参考:Spring Boot with JWT and OAuth2.0
希望这可以帮助你:)