我尝试在我的 Spring Security 配置中注册多个过滤器,但是我总是遇到同样的异常:
04-Nov-2015 14:35:23.792 WARNING [RMI TCP Connection(3)-127.0.0.1] org.springframework.web.context.support.AnnotationConfigWebApplicationContext.refresh Exception encountered during context initialization - cancelling refresh attempt org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Injection of autowired dependencies failed; nested exception is java.lang.IllegalStateException: @Order on WebSecurityConfigurers must be unique. Order of 100 was already used, so it cannot be used on com.payment21.webapp.MultiHttpSecurityConfig$ApiWebSecurityConfigurationAdapter$$EnhancerBySpringCGLIB$$35c79fe4@1d381684 too.
由于我自己的尝试没有成功,我尝试了 完全相同的代码,如 Spring Security reference 中所示:
@EnableWebSecurity
public class MultiHttpSecurityConfig {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER").and()
.withUser("admin").password("password").roles("USER", "ADMIN");
}
@Configuration
@Order(1)
public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**")
.authorizeRequests()
.anyRequest().hasRole("ADMIN")
.and()
.httpBasic();
}
}
@Configuration
public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin();
}
}
}
为了隔离错误,我尝试用基于 Java 的方法替换 web.xml,但它也不起作用。不知道怎么回事,是不是文档错了?我的应用程序中的某些内容会与配置混淆吗?系统正常启动,除非我注册第二个 WebSecurityConfigAdapter。
这些是我的依赖项:
compile 'org.springframework:spring-webmvc:4.2.2.RELEASE'
compile 'org.springframework:spring-messaging:4.2.2.RELEASE'
compile 'org.springframework:spring-websocket:4.2.2.RELEASE'
compile 'org.springframework:spring-aop:4.2.2.RELEASE'
compile'javax.servlet:javax.servlet-api:3.0.1'
compile 'org.springframework.security:spring-security-web:4.0.3.RELEASE'
compile 'org.springframework.security:spring-security-config:4.0.3.RELEASE'
最佳答案
也许您已经使用 @EnableWebSecurity 注释对另一个类进行了注释。请注意,只有一个类可以实现此注解。希望对您有所帮助!
https://stackoverflow.com/questions/33523952/
相关文章:
spring - 如何在 Spring Boot 中为文件上传指定临时目录?
java - 使用 aspectj-maven-plugin 为 java 8 编织 Spring
java - Spring根应用上下文和servlet上下文混淆
java - Spring/Hibernate 测试 : Inserting test data a
spring - 如果我忘记将 Spring SessionStatus 标记为 "Complete
java - 从 4.2.0.RC3 升级到 4.2.0.RELEASE 时出现 Spring As
java - 如何使用 Spring 数据 jpa 更新实体
java - @Cacheable 命中的 Spring 缓存日志记录