Spring Security Config:AlreadyBuiltException:该对象已经构建
Posted
技术标签:
【中文标题】Spring Security Config:AlreadyBuiltException:该对象已经构建【英文标题】:Spring Security Config: AlreadyBuiltException: This object has already been built 【发布时间】:2016-12-01 18:36:06 【问题描述】:我正在自学 Spring Security。我目前有两个 java 文件和 pom 文件。出于某种原因,当我在 WebSecurityConfigurerAdapter 中覆盖 protected void configure(HttpSecurity http) 方法时,它会给出一个 AlreadyBuiltException。如果我删除被覆盖的方法,它将运行没有错误。我的代码如下:
IntegrationTest.java
@SpringBootApplication
@EnableAutoConfiguration(exclude=DataSourceAutoConfiguration.class)
@ComponentScan("com.socialsignin", "test.com.socialsignin")
public class IntegrationTest
public static void main(String[] args)
ConfigurableApplicationContext context = SpringApplication.run(IntegrationTest.class, args);
SecurityConfig.java
package com.socialsignin.config;
@EnableWebSecurity
@Component
public class SecurityConfig extends WebSecurityConfigurerAdapter
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
@Override
public void configure(WebSecurity web) throws Exception
web
.ignoring()
.antMatchers("/resources/**");
@Override
protected void configure(HttpSecurity http) throws Exception
http
.formLogin()
.loginPage("/signin")
.loginProcessingUrl("/signin/authenticate")
.failureUrl("/signin?param.error=bad_credentials")
.and()
.logout()
.logoutUrl("/signout")
.deleteCookies("JSESSIONID")
.and()
.authorizeRequests()
.antMatchers("/admin/**", "/favicon.ico", "/resources/**", "/auth/**", "/signin/**", "/signup/**", "/disconnect/facebook").permitAll()
.antMatchers("/**").authenticated()
.and()
.rememberMe()
.and()
.apply(new SpringSocialConfigurer());
日志
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: SpringSocialConfigurer depends on org.springframework.social.connect.UsersConnectionRepository. No single bean of that type found in application context.
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1123) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1018) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:510) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:326) ~[spring-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:235) ~[spring-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:199) ~[spring-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:279) ~[tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:109) ~[tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4689) [tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5329) [tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1407) [tomcat-embed-core-8.0.36.jar:8.0.36]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1397) [tomcat-embed-core-8.0.36.jar:8.0.36]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_66]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_66]
原因:org.springframework.beans.BeanInstantiationException:无法实例化[javax.servlet.Filter]:工厂方法'springSecurityFilterChain'抛出异常;嵌套异常是 java.lang.IllegalStateException: SpringSocialConfigurer 依赖于 org.springframework.social.connect.UsersConnectionRepository。在应用程序上下文中找不到该类型的单个 bean。 在 org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] ...省略了23个常用框架 引起:java.lang.IllegalStateException:SpringSocialConfigurer 依赖于 org.springframework.social.connect.UsersConnectionRepository。在应用程序上下文中找不到该类型的单个 bean。 在 org.springframework.social.security.SpringSocialConfigurer.getDependency(SpringSocialConfigurer.java:117) ~[spring-social-security-1.1.4.RELEASE.jar:1.1.4.RELEASE] 在 org.springframework.social.security.SpringSocialConfigurer.configure(SpringSocialConfigurer.java:71) ~[spring-social-security-1.1.4.RELEASE.jar:1.1.4.RELEASE] 在 org.springframework.social.security.SpringSocialConfigurer.configure(SpringSocialConfigurer.java:44) ~[spring-social-security-1.1.4.RELEASE.jar:1.1.4.RELEASE] 在 org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.configure(AbstractConfiguredSecurityBuilder.java:383) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:329) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:289) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:74) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:333) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:105) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93.CGLIB$springSecurityFilterChain$3() ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE ] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93$$FastClassBySpringCGLIB$$164abca.invoke() ~[spring-security-config-4.0.4.RELEASE.jar:4.0. 4.发布] 在 org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:356) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93.springSecurityFilterChain() ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_66] 在 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_66] 在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_66] 在 java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_66] 在 org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] ...省略了24个常用框架 引起:org.springframework.beans.factory.NoSuchBeanDefinitionException:没有定义[org.springframework.social.connect.UsersConnectionRepository]类型的合格bean 在 org.springframework.beans.factory.support.DefaultListableBeanFactory.getBean(DefaultListableBeanFactory.java:372) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.DefaultListableBeanFactory.getBean(DefaultListableBeanFactory.java:332) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1066) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.social.security.SpringSocialConfigurer.getDependency(SpringSocialConfigurer.java:114) ~[spring-social-security-1.1.4.RELEASE.jar:1.1.4.RELEASE] ...省略了44个常用框架
2016-07-27 12:13:30.582 错误 3869 --- [ost-startStop-1] o.apache.catalina.core.StandardContext:一个或多个过滤器无法启动。完整的详细信息将在相应的容器日志文件中找到 2016-07-27 12:13:30.583 错误 3869 --- [ost-startStop-1] o.apache.catalina.core.StandardContext:上下文 [] 启动因先前的错误而失败 2016-07-27 12:13:30.627 WARN 3869 --- [main] ationConfigEmbeddedWebApplicationContext:在上下文初始化期间遇到异常 - 取消刷新尝试:org.springframework.beans.factory.BeanCreationException:创建名称为“springSecurityFilterChain”的bean时定义在类路径资源[org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]:通过工厂方法的Bean实例化失败;嵌套异常是 org.springframework.beans.BeanInstantiationException:无法实例化 [javax.servlet.Filter]:工厂方法“springSecurityFilterChain”抛出异常;嵌套异常是 org.springframework.security.config.annotation.AlreadyBuiltException: This object has already been built 2016-07-27 12:13:30.632 INFO 3869 --- [main] o.apache.catalina.core.StandardService:停止服务 Tomcat 2016-07-27 12:13:30.638 错误 3869 --- [main] os.boot.SpringApplication:应用程序启动失败
org.springframework.beans.factory.BeanCreationException:在类路径资源 [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class] 中定义名称为“springSecurityFilterChain”的 bean 创建错误:通过工厂进行 bean 实例化方法失败;嵌套异常是 org.springframework.beans.BeanInstantiationException:无法实例化 [javax.servlet.Filter]:工厂方法“springSecurityFilterChain”抛出异常;嵌套异常是 org.springframework.security.config.annotation.AlreadyBuiltException: This object has already been built 在 org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1123) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1018) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:510) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:296) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:772) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:839) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:538) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:118) ~[spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 org.springframework.boot.SpringApplication.refresh(SpringApplication.java:760) [spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 org.springframework.boot.SpringApplication.createAndRefreshContext(SpringApplication.java:360) [spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 org.springframework.boot.SpringApplication.run(SpringApplication.java:306) [spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 org.springframework.boot.SpringApplication.run(SpringApplication.java:1185) [spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 org.springframework.boot.SpringApplication.run(SpringApplication.java:1174) [spring-boot-1.3.6.RELEASE.jar:1.3.6.RELEASE] 在 test.com.socialsignin.app.IntegrationTest.main(IntegrationTest.java:15) [test-classes/:na] 引起:org.springframework.beans.BeanInstantiationException:无法实例化[javax.servlet.Filter]:工厂方法'springSecurityFilterChain'抛出异常;嵌套异常是 org.springframework.security.config.annotation.AlreadyBuiltException: This object has already been built 在 org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] ...省略了20个常用框架 引起:org.springframework.security.config.annotation.AlreadyBuiltException:这个对象已经被构建 在 org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:44) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:105) ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93.CGLIB$springSecurityFilterChain$3() ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE ] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93$$FastClassBySpringCGLIB$$164abca.invoke() ~[spring-security-config-4.0.4.RELEASE.jar:4.0. 4.发布] 在 org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:356) ~[spring-context-4.2.7.RELEASE.jar:4.2.7.RELEASE] 在 org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$2ba5cd93.springSecurityFilterChain() ~[spring-security-config-4.0.4.RELEASE.jar:4.0.4.RELEASE] 在 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_66] 在 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_66] 在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_66] 在 java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_66] 在 org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.2.7.RELEASE.jar:4.2.7.RELEASE] ...省略了21个常用框架
【问题讨论】:
可以尝试为您的 SecurityConfig 类使用@Configuration 注解吗? 是的,我应该使用它。只是将其更改为 @Configuration 但仍然得到相同的错误:( 你有没有想过这个问题? 【参考方案1】:我也遇到了这个错误,没有任何我可以检测到的变化。也许当我升级到 Spring Boot 1.4 但不确定。令人沮丧的是,从我的 IDE 运行并没有显示错误,它仅在部署到 Heroku 时发生。我要解决的更改是将“@Order(0)”添加到内部类,请参见下面的代码示例。设置安全配置非常令人困惑,所以我不清楚为什么会这样,但也许它可以帮助其他人尝试。
对于使用 configureGlobal 的情况,请查看 https://github.com/spring-projects/spring-security/issues/3042 和 Can not apply DaoAuthenticationConfigurer to already built object,因为它们也可能是相关的。
@Configuration
@EnableWebSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SpringSecurityConfigurer
@Configuration
@Order(1)
public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter
/** We expect that the URLs secured here are called as part of the application or via websocket. */
protected void configure(HttpSecurity http) throws Exception
http
.requestMatchers().antMatchers("/restapi/requests/**", "/simulation/**", "/api/**", "/wsconnect/**").and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.csrf().disable();
@Configuration
@Order(2)
public static class StatelessApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter
/** We expect that the URLs secured here are called called externally. */
protected void configure(HttpSecurity http) throws Exception
http
.requestMatchers().antMatchers("/restapi/**").and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.csrf().disable();
@Configuration
@Order(3)
public static class SubscriptionWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter
protected void configure(HttpSecurity http) throws Exception
http
.requestMatchers().antMatchers("/subscribe**","/subscribe/**").and()
.addFilterBefore(new ApplicationSecurityTokenFilter(), UsernamePasswordAuthenticationFilter.class)
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.csrf().disable();
@Configuration
@Order(0)
protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter
@Autowired
ApplicationUserDetailsManager applicationUserDetailsManager;
@Autowired // need Autowired instead of Override here, not clear why!
public void configure(AuthenticationManagerBuilder auth) throws Exception
// configure the repository user details service
// PasswordEncoder encoder = new BCryptPasswordEncoder();
auth.userDetailsService(applicationUserDetailsManager);
// make sure we have the default user if it is not there
if(!applicationUserDetailsManager.userExists("user"))
ApplicationUser defaultApplicationUser = new ApplicationUser();
defaultApplicationUser.setUsername("user");
defaultApplicationUser.setPassword("password");
defaultApplicationUser.setEnabled(true);
applicationUserDetailsManager.createUser(new ApplicationUserDetails(defaultApplicationUser));
@Override
protected void configure(HttpSecurity http) throws Exception
// configure our web security that uses a form login
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll()
// note that this overrides CSRF for logout as it allows a GET to logout
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.and()
.rememberMe();
@Override
public void configure(WebSecurity web) throws Exception
web
.ignoring()
// Spring Security should completely ignore URLs starting with /icons/ and /images/
.antMatchers("/icons/**")
.antMatchers("/images/**")
.antMatchers("/favicon.ico");
【讨论】:
【参考方案2】:尝试从SecurityConfig 类中删除@EnableWebSecurity 注释。 Spring Boot 可能会在其自动魔术中添加此注释。至少这对我今天的情况有所帮助。
来源:所以回答https://***.com/a/39483613/2127340
【讨论】:
以上是关于Spring Security Config:AlreadyBuiltException:该对象已经构建的主要内容,如果未能解决你的问题,请参考以下文章
如何使用 Spring-Security 3 和 Hibernate 4 将 spring security xml 配置 hibernate 转换为 java config
Spring Security sec:使用 Java Config 授权标签
Spring Security Config:AlreadyBuiltException:该对象已经构建