Spring MVC + Spring Security + LDAP
Posted
技术标签:
【中文标题】Spring MVC + Spring Security + LDAP【英文标题】: 【发布时间】:2018-04-15 13:26:25 【问题描述】:我有这个WebSecurityConfig:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
@Override
protected void configure(HttpSecurity http) throws Exception
http.csrf().disable()
.authorizeRequests()
.antMatchers("/about", "/register").permitAll()
.antMatchers("/p1", "/p2", "/landing").fullyAuthenticated()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
auth
.ldapAuthentication()
.userDnPatterns("uid=0,ou=people")
.groupSearchBase("ou=groups")
.contextSource()
.ldif("classpath:test-server.ldif")
.and()
.passwordCompare()
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userpassword")
;
@Override
public void configure(WebSecurity web) throws Exception
web
.ignoring()
.antMatchers("/resources/**", "/css/**", "/js/**", "/img/**");
我的ldif 文件已正确放置,并且我有一个 LoginController 返回一个 html 页面。但是,当使用 Maven 构建时,我得到:
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'webSecurityConfig': Unsatisfied dependency expressed through method 'setContentNegotationStrategy' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcContentNegotiationManager' defined in class path resource [org/springframework/web/servlet/config/annotation/DelegatingWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.accept.ContentNegotiationManager]: Factory method 'mvcContentNegotiationManager' threw exception; nested exception is java.lang.NoSuchMethodError: org.springframework.web.accept.ContentNegotiationManagerFactoryBean.build()Lorg/springframework/web/accept/ContentNegotiationManager;
我的mvn dependency:tree:
[INFO] +- org.springframework.security:spring-security-core:jar:4.2.3.RELEASE:compile
[INFO] | +- aopalliance:aopalliance:jar:1.0:compile
[INFO] | +- org.springframework:spring-aop:jar:4.3.9.RELEASE:compile
[INFO] | +- org.springframework:spring-context:jar:4.3.9.RELEASE:compile
[INFO] | \- org.springframework:spring-expression:jar:4.3.9.RELEASE:compile
[INFO] +- org.springframework.security:spring-security-web:jar:4.2.3.RELEASE:compile
[INFO] | \- org.springframework:spring-web:jar:4.3.9.RELEASE:compile
[INFO] +- org.springframework.security:spring-security-config:jar:4.2.3.RELEASE:compile
[INFO] +- org.springframework.ldap:spring-ldap-core:jar:2.3.2.RELEASE:compile
[INFO] | +- org.slf4j:slf4j-api:jar:1.7.21:compile
[INFO] | \- org.springframework:spring-tx:jar:4.3.4.RELEASE:compile
[INFO] +- org.springframework.security:spring-security-ldap:jar:4.2.3.RELEASE:compile
[INFO] +- com.unboundid:unboundid-ldapsdk:jar:4.0.1:compile
[INFO] +- org.springframework.kafka:spring-kafka:jar:2.0.0.RELEASE:compile
[INFO] | +- org.springframework:spring-messaging:jar:5.0.0.RELEASE:compile
[INFO] | +- org.springframework.retry:spring-retry:jar:1.2.0.RELEASE:compile
[INFO] | \- org.apache.kafka:kafka-clients:jar:0.11.0.0:compile
[INFO] | +- net.jpountz.lz4:lz4:jar:1.3.0:compile
[INFO] | \- org.xerial.snappy:snappy-java:jar:1.1.2.6:compile
[INFO] +- org.springframework:spring-core:jar:5.0.0.RELEASE:compile
[INFO] | \- org.springframework:spring-jcl:jar:5.0.0.RELEASE:compile
[INFO] +- org.springframework:spring-beans:jar:5.0.0.RELEASE:compile
[INFO] +- org.springframework:spring-websocket:jar:5.0.0.RELEASE:compile
[INFO] +- org.apache.hbase:hbase-client:jar:1.3.1:compile
[INFO] | +- org.apache.hbase:hbase-annotations:jar:1.3.1:compile
[INFO] | | +- com.github.stephenc.findbugs:findbugs-annotations:jar:1.3.9-1:compile
[INFO] | | \- log4j:log4j:jar:1.2.17:compile
[INFO] | +- org.apache.hbase:hbase-common:jar:1.3.1:compile
[INFO] | | +- commons-collections:commons-collections:jar:3.2.2:compile
[INFO] | | \- org.mortbay.jetty:jetty-util:jar:6.1.26:compile
[INFO] | +- org.apache.hbase:hbase-protocol:jar:1.3.1:compile
[INFO] | +- commons-codec:commons-codec:jar:1.9:compile
[INFO] | +- commons-io:commons-io:jar:2.4:compile
[INFO] | +- commons-lang:commons-lang:jar:2.6:compile
[INFO] | +- commons-logging:commons-logging:jar:1.2:compile
[INFO] | +- com.google.guava:guava:jar:12.0.1:compile
[INFO] | +- com.google.protobuf:protobuf-java:jar:2.5.0:compile
[INFO] | +- io.netty:netty-all:jar:4.0.23.Final:compile
[INFO] | +- org.apache.zookeeper:zookeeper:jar:3.4.6:compile
[INFO] | | \- org.slf4j:slf4j-log4j12:jar:1.6.1:compile
[INFO] | +- org.apache.htrace:htrace-core:jar:3.1.0-incubating:compile
[INFO] | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile
[INFO] | | \- org.codehaus.jackson:jackson-core-asl:jar:1.9.13:compile
[INFO] | +- org.jruby.jcodings:jcodings:jar:1.0.8:compile
[INFO] | +- org.jruby.joni:joni:jar:2.1.2:compile
[INFO] | +- com.yammer.metrics:metrics-core:jar:2.2.0:compile
[INFO] | +- org.apache.hadoop:hadoop-auth:jar:2.5.1:compile
[INFO] | | +- org.apache.httpcomponents:httpclient:jar:4.2.5:compile
[INFO] | | | \- org.apache.httpcomponents:httpcore:jar:4.2.4:compile
[INFO] | | \- org.apache.directory.server:apacheds-kerberos-codec:jar:2.0.0-M15:compile
[INFO] | | +- org.apache.directory.server:apacheds-i18n:jar:2.0.0-M15:compile
[INFO] | | +- org.apache.directory.api:api-asn1-api:jar:1.0.0-M20:compile
[INFO] | | \- org.apache.directory.api:api-util:jar:1.0.0-M20:compile
[INFO] | +- org.apache.hadoop:hadoop-common:jar:2.5.1:compile
[INFO] | | +- org.apache.hadoop:hadoop-annotations:jar:2.5.1:compile
[INFO] | | | \- jdk.tools:jdk.tools:jar:1.6:system
[INFO] | | +- commons-cli:commons-cli:jar:1.2:compile
[INFO] | | +- org.apache.commons:commons-math3:jar:3.1.1:compile
[INFO] | | +- xmlenc:xmlenc:jar:0.52:compile
[INFO] | | +- commons-httpclient:commons-httpclient:jar:3.1:compile
[INFO] | | +- commons-net:commons-net:jar:3.1:compile
[INFO] | | +- commons-el:commons-el:jar:1.0:runtime
[INFO] | | +- commons-configuration:commons-configuration:jar:1.6:compile
[INFO] | | | +- commons-digester:commons-digester:jar:1.8:compile
[INFO] | | | | \- commons-beanutils:commons-beanutils:jar:1.7.0:compile
[INFO] | | | \- commons-beanutils:commons-beanutils-core:jar:1.8.0:compile
[INFO] | | +- org.apache.avro:avro:jar:1.7.4:compile
[INFO] | | | \- com.thoughtworks.paranamer:paranamer:jar:2.3:compile
[INFO] | | +- com.jcraft:jsch:jar:0.1.42:compile
[INFO] | | +- com.google.code.findbugs:jsr305:jar:1.3.9:compile
[INFO] | | \- org.apache.commons:commons-compress:jar:1.4.1:compile
[INFO] | | \- org.tukaani:xz:jar:1.0:compile
[INFO] | +- org.apache.hadoop:hadoop-mapreduce-client-core:jar:2.5.1:compile
[INFO] | | +- org.apache.hadoop:hadoop-yarn-common:jar:2.5.1:compile
[INFO] | | | +- org.apache.hadoop:hadoop-yarn-api:jar:2.5.1:compile
[INFO] | | | \- javax.xml.bind:jaxb-api:jar:2.2.2:compile
[INFO] | | | +- javax.xml.stream:stax-api:jar:1.0-2:compile
[INFO] | | | \- javax.activation:activation:jar:1.1:compile
[INFO] | | \- io.netty:netty:jar:3.6.2.Final:compile
[INFO] | \- junit:junit:jar:4.12:compile
[INFO] | \- org.hamcrest:hamcrest-core:jar:1.3:compile
[INFO] +- org.springframework:spring-webmvc:jar:5.0.0.RELEASE:compile
[INFO] +- javax.servlet:javax.servlet-api:jar:4.0.0:provided
[INFO] +- org.thymeleaf:thymeleaf-spring4:jar:2.1.5.RELEASE:compile
[INFO] | \- org.thymeleaf:thymeleaf:jar:2.1.5.RELEASE:compile
[INFO] | +- ognl:ognl:jar:3.0.8:compile
[INFO] | +- org.javassist:javassist:jar:3.16.1-GA:compile
[INFO] | \- org.unbescape:unbescape:jar:1.1.0.RELEASE:compile
[INFO] +- org.springframework.data:spring-data-hadoop:jar:2.5.0.RELEASE:compile
[INFO] | +- org.springframework.data:spring-data-hadoop-core:jar:2.5.0.RELEASE:compile
[INFO] | | +- org.apache.hadoop:hadoop-streaming:jar:2.7.3:compile
[INFO] | | +- org.apache.hadoop:hadoop-distcp:jar:2.7.3:compile
[INFO] | | +- org.apache.hadoop:hadoop-hdfs:jar:2.7.3:compile
[INFO] | | | +- org.mortbay.jetty:jetty:jar:6.1.26:compile
[INFO] | | | +- com.sun.jersey:jersey-core:jar:1.9:compile
[INFO] | | | +- com.sun.jersey:jersey-server:jar:1.9:compile
[INFO] | | | | \- asm:asm:jar:3.1:compile
[INFO] | | | +- commons-daemon:commons-daemon:jar:1.0.13:compile
[INFO] | | | +- javax.servlet:servlet-api:jar:2.5:compile
[INFO] | | | +- xerces:xercesImpl:jar:2.9.1:compile
[INFO] | | | | \- xml-apis:xml-apis:jar:1.3.04:compile
[INFO] | | | \- org.fusesource.leveldbjni:leveldbjni-all:jar:1.8:compile
[INFO] | | \- org.apache.hadoop:hadoop-mapreduce-client-jobclient:jar:2.7.3:compile
[INFO] | | +- org.apache.hadoop:hadoop-mapreduce-client-common:jar:2.7.3:compile
[INFO] | | | +- org.apache.hadoop:hadoop-yarn-client:jar:2.7.3:compile
[INFO] | | | \- org.apache.hadoop:hadoop-yarn-server-common:jar:2.7.3:compile
[INFO] | | +- org.apache.hadoop:hadoop-mapreduce-client-shuffle:jar:2.7.3:compile
[INFO] | | | \- org.apache.hadoop:hadoop-yarn-server-nodemanager:jar:2.7.3:compile
[INFO] | | | +- com.sun.jersey:jersey-client:jar:1.9:compile
[INFO] | | | +- com.sun.jersey:jersey-json:jar:1.9:compile
[INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.3-1:compile
[INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.8.3:compile
[INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.8.3:compile
[INFO] | | | \- com.sun.jersey.contribs:jersey-guice:jar:1.9:compile
[INFO] | | \- com.google.inject.extensions:guice-servlet:jar:3.0:compile
[INFO] | | \- com.google.inject:guice:jar:3.0:compile
[INFO] | | \- javax.inject:javax.inject:jar:1:compile
[INFO] | +- org.springframework.data:spring-data-hadoop-hive:jar:2.5.0.RELEASE:compile
[INFO] | | \- org.springframework.batch:spring-batch-core:jar:3.0.7.RELEASE:compile
[INFO] | | +- com.ibm.jbatch:com.ibm.jbatch-tck-spi:jar:1.0:compile
[INFO] | | | \- javax.batch:javax.batch-api:jar:1.0:compile
[INFO] | | +- com.thoughtworks.xstream:xstream:jar:1.4.7:compile
[INFO] | | | +- xmlpull:xmlpull:jar:1.1.3.1:compile
[INFO] | | | \- xpp3:xpp3_min:jar:1.1.4c:compile
[INFO] | | +- org.codehaus.jettison:jettison:jar:1.2:compile
[INFO] | | \- org.springframework.batch:spring-batch-infrastructure:jar:3.0.7.RELEASE:compile
[INFO] | +- org.springframework:spring-context-support:jar:4.3.9.RELEASE:compile
[INFO] | +- org.springframework.data:spring-data-hadoop-hbase:jar:2.5.0.RELEASE:compile
[INFO] | +- org.springframework:spring-jdbc:jar:4.3.9.RELEASE:compile
[INFO] | +- org.springframework.data:spring-data-hadoop-pig:jar:2.5.0.RELEASE:compile
[INFO] | \- org.springframework.data:spring-data-hadoop-batch:jar:2.5.0.RELEASE:compile
[INFO] +- org.springframework:spring-dao:jar:2.0.8:compile
[INFO] +- com.fasterxml.jackson.core:jackson-core:jar:2.9.0:compile
[INFO] +- com.fasterxml.jackson.core:jackson-databind:jar:2.9.0:compile
[INFO] | \- com.fasterxml.jackson.core:jackson-annotations:jar:2.9.0:compile
[INFO] \- org.json:json:jar:20170516:compile
有什么想法吗?
【问题讨论】:
【参考方案1】:我也遇到过类似的问题:
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityConfig': Unsatisfied dependency expressed through method 'setContentNegotationStrategy' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcContentNegotiationManager' defined in class path resource [org/springframework/web/servlet/config/annotation/DelegatingWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.accept.ContentNegotiationManager]: Factory method 'mvcContentNegotiationManager' threw exception; nested exception is java.lang.NoSuchMethodError: org.springframework.web.accept.ContentNegotiationManagerFactoryBean.build()Lorg/springframework/web/accept/ContentNegotiationManager;
我在 build.gradle 中的依赖:
buildscript
ext
springBootVersion = '1.5.9.RELEASE'
repositories
mavenCentral()
maven url "http://repo.spring.io/libs-release"
dependencies
classpath("org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion")
.....
dependencies
compile('org.springframework:spring-webmvc:2.5.2.RELEASE')
compile('org.springframework.boot:spring-boot-starter-jersey')
compile('org.springframework.boot:spring-boot-starter-security')
testCompile('org.springframework.boot:spring-boot-starter-test')
testCompile('org.springframework.security:spring-security-test')
我打开文件/项目结构/库(我使用 intellij idea)并检查依赖关系的版本:
我不确定,但我认为我没有明确指定依赖项的版本 Gradle 默认使用以前的版本作为此依赖项。
然后我在 build.gradle 中手动指定了必要的版本:
dependencies
compile 'org.springframework:spring-webmvc:5.0.2.RELEASE'
compile 'org.springframework:spring-web:5.0.2.RELEASE'
compile 'org.springframework:spring-expression:5.0.2.RELEASE'
compile 'org.springframework:spring-aop:5.0.2.RELEASE'
compile 'org.springframework:spring-beans:5.0.2.RELEASE'
compile 'org.springframework:spring-context:5.0.2.RELEASE'
compile 'org.springframework:spring-core:5.0.2.RELEASE'
compile 'org.springframework:spring-test:5.0.2.RELEASE'
compile('org.springframework.boot:spring-boot-starter-jersey')
compile 'com.fasterxml.jackson.core:jackson-databind:2.9.3'
compile 'com.fasterxml.jackson.core:jackson-core:2.9.3'
compile 'com.fasterxml.jackson.core:jackson-annotations:2.9.3'
compile('org.springframework.security:spring-security-web:5.0.0.RELEASE')
compile('org.springframework.security:spring-security-config:5.0.0.RELEASE')
compile('org.springframework.security:spring-security-core:5.0.0.RELEASE')
testCompile('org.springframework.boot:spring-boot-starter-test')
这对我有帮助。
【讨论】:
【参考方案2】:从错误来看,您使用的 spring jar 文件的版本似乎存在问题
如果你看ContentNegotiationManagerFactoryBean类here的文档,5.0版本中引入了build()方法
public ContentNegotiationManager build()
Actually build the ContentNegotiationManager.
Since:
5.0
ContentNegotiationManagerFactoryBean 类存在于 org.springframework:spring-web jar 文件中。根据您的 mvn 依赖树,版本是 org.springframework:spring-web:jar:4.3.9.RELEASE
根据文档 4.3.9 release,此 4.3.9 版本不包含 build() 方法。所以,你得到了这个错误。
如果您可以将org.springframework:spring-web:jar:4.3.9.RELEASE 更改为org.springframework:spring-web:jar:5.0.0.RELEASE,它应该可以解决您的问题。
【讨论】:
以上是关于Spring MVC + Spring Security + LDAP的主要内容,如果未能解决你的问题,请参考以下文章