使用 Spring Security 配置 Spring Boot 会导致构建失败,因为引用缺少依赖项

Posted

技术标签:

【中文标题】使用 Spring Security 配置 Spring Boot 会导致构建失败,因为引用缺少依赖项【英文标题】:Configuring Spring Boot with Spring Security makes build fail due to reference to missing dependency 【发布时间】:2015-12-31 12:36:19 【问题描述】:

每当尝试运行 mvn install 时,在 Spring Boot 项目上构建失败,原因是:

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-jersey</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>

未能执行目标 org.apache.maven.plugins:maven-compiler-plugin:3.3:compile (默认编译)项目波:致命错误编译: java.lang.RuntimeException: com.sun.tools.javac.code.Symbol$CompletionFailure:类文件 org.springframework.security.ldap.DefaultSpringSecurityContextSource 未找到 -> [帮助 1]

两件事解决了这个问题:

    删除以下安全配置

    @Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter 

  @Inject
  private UserDetailsService userDetailsService;

  @Inject
  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception 
    auth
      .userDetailsService(userDetailsService);
  

  @Override
  protected void configure(HttpSecurity http) throws Exception 
    http
      .httpBasic()
        .realmName("Wave")
        .and()
      .authorizeRequests()
        .antMatchers(HttpMethod.POST, "/wave/service/employees/**").anonymous()
        .antMatchers("/wave/service/**").authenticated()
        .and()
      .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

当然,删除配置不是一种选择,因为它会禁用我的应用程序的安全性

    添加以下依赖项

    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-ldap</artifactId>
</dependency>

然而,当添加它使错误消失时,出现了一个新的类似错误(只是指向另一个类):

未能执行目标 org.apache.maven.plugins:maven-compiler-plugin:3.3:compile (默认编译)项目波:致命错误编译: java.lang.RuntimeException: com.sun.tools.javac.code.Symbol$CompletionFailure:类文件 org.springframework.security.openid.OpenIDAttribute not found -> [帮助 1]

再次修复这个问题,我添加了以下依赖项:

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-openid</artifactId>
    </dependency>

这再次解决了问题,但出现了另一个错误:

未能执行目标 org.apache.maven.plugins:maven-compiler-plugin:3.3:compile (默认编译)项目波:致命错误编译: java.lang.RuntimeException: com.sun.tools.javac.code.Symbol$CompletionFailure:类文件 org.apache.http.Header 未找到 -> [帮助 1]

最后,添加以下依赖解决了所有问题:

    <dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.5.1</version>
    </dependency>

但是,我现在有多个我没有使用的依赖项。

还有其他方法可以解决这个问题吗?

【问题讨论】:

最后的修复是什么?我也面临同样的问题。 【参考方案1】:

删除你的依赖并添加它;删除后这对我来说很好用

<dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.5.1</version>
    </dependency>

'

<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>

这是我的 pom.xml 文件

    <dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
        <exclusions>

        </exclusions>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>            
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>2.0.9.RELEASE</version>
        <type>jar</type>
    </dependency>
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.1.6</version>
    </dependency>
</dependencies>

【讨论】:

【参考方案2】:

我通过替换解决了这个问题

<dependency>
   <groupId>org.eclipse.persistence</groupId>
   <artifactId>org.eclipse.persistence.jpa.modelgen.processor</artifactId>
   <version>2.6.4</version>
   <scope>provided</scope>
</dependency>


<dependency>
  <groupId>org.hibernate</groupId>
  <artifactId>hibernate-jpamodelgen</artifactId>
  <version>5.0.12.Final</version>
</dependency>

我认为这个问题在 org.eclipse.persistence.jpa.modelgen.processor

【讨论】:

以上是关于使用 Spring Security 配置 Spring Boot 会导致构建失败,因为引用缺少依赖项的主要内容,如果未能解决你的问题,请参考以下文章

用户能够访问管理员角色页面 - Spring Security [重复]

Spring Security(10)——退出登录logout

Maven:Spring 4 + Spring Security

Spring Security 如果是404直接报错,不要跳转认证?

spring security 没有调用 loadUserByUsername() 方法

002 Hello Spring Security