我用:
一切都使用Java Config进行配置(包括spring-security)
我正在使用身份验证:基本base64Gibberish标头用于验证用户的Web服务器项目。
问题是取决于URI的AuthenticationManager
不同(因为我需要2个不同的)UserDetailsService
。
我试过的多个扩展名WebSecurityConfigurerAdapter
与
@Override
@Bean( name = "authManager1" )
public AuthenticationManager authenticationManagerBean() throws Exception
@Override
@Bean( name = "authManager2" )
public AuthenticationManager authenticationManagerBean() throws Exception
无济于事
我总是得到:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain'
defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Instantiation of bean failed;
nested exception is org.springframework.beans.factory.BeanDefinitionStoreException:
Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception]
threw exception; nested exception is java.lang.IllegalArgumentException:
Expecting to only find a single bean for type interface org.springframework.security.authentication.AuthenticationManager,
but found [authManager1, authManager2]
由于我有多个安全过滤器链,我如何“讲” spring-security在不同的安全过滤器链中注入不同的AuthenticationManager?
在此先感谢P。
您可以有多个http配置元素,每个元素都有自己的AuthenticationManager
。它可能看起来像这样:
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
private AuthenticationManager authenticationManager1() {
// defines first AuthenticationManager
return authenticationManager;
}
@Bean
private AuthenticationManager authenticationManager2() {
// defines second AuthenticationManager
return authenticationManager;
}
@Configuration
@Order(1)
public static class Uri1ApiConfigurationAdapter extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier(authenticationManager1)
private authManager1;
@Override
protected AuthenticationManager authenticationManager() {
return authManager1;
}
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/URI1/**")
...
}
}
@Configuration
@Order(2)
public static class Uri2ApiConfigurationAdapter extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier(authenticationManager2)
private authManager2;
@Override
protected AuthenticationManager authenticationManager() {
return authManager2;
}
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/URI2/**")
...
}
}
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句