EnableEurekaClient 不能与 EnableOAuth2Sso 一起使用。它导致 springSecurityFilterChain bean AlreadyBuiltException

Posted 2023-02-27

【中文标题】EnableEurekaClient 不能与 EnableOAuth2Sso 一起使用。它导致 springSecurityFilterChain bean AlreadyBuiltException

【英文标题】：EnableEurekaClient cannot work with EnableOAuth2Sso. It causes springSecurityFilterChain bean AlreadyBuiltException

【发布时间】：2016-03-04 09:13:08

【问题描述】：

我正在使用 spring-cloud-starter-parent 版本 Brixton.M3 来测试 spring security oauth2。在我启用 Eureka 客户端之前一切正常。

开启Eureka客户端后报如下错误，

[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:1.3.0.RELEASE:run (default-cli) on project spring-security-oauth2-brixton-demo: An exception occured while running. null: InvocationTargetException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.security.config.annotation.AlreadyBuiltException: This object has already been built -> [Help 1]

我的maven pom.xml是

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <parent>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-parent</artifactId>
        <version>Brixton.M3</version>
        <relativePath />
    </parent>

    <artifactId>spring-security-oauth2-brixton-demo</artifactId>
    <groupId>com.gaoshin</groupId>
    <packaging>jar</packaging>

    <properties>
        <start-class>com.gaoshin.Application</start-class>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-eureka</artifactId>
        </dependency>
    </dependencies>

    <repositories>
        <repository>
            <id>spring-snapshots</id>
            <name>Spring Snapshots</name>
            <url>http://repo.spring.io/milestone</url>
            <snapshots>
                <enabled>true</enabled>
            </snapshots>
        </repository>
    </repositories>

</project>

Application.java

package com.gaoshin;

import java.security.Principal;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

@SpringBootApplication
@EnableOAuth2Sso
@RestController
@EnableEurekaClient
@RequestMapping(produces=MediaType.APPLICATION_JSON_VALUE)
public class Application 
    @RequestMapping(value="/", method = RequestMethod.GET)
    public String hi(Principal p) 
        return p!=null ? "Hello " + p.getName() : "Hello guest";
    

    public static void main(String[] args) 
        SpringApplication.run(Application.class, args);
    

资源服务器.java

package com.gaoshin;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration
@EnableResourceServer 
public class ResourceServer extends ResourceServerConfigurerAdapter 

    @Override
    public void configure(HttpSecurity http) throws Exception 
        http.csrf().disable();
        http.headers().cacheControl().disable();
        http.authorizeRequests().antMatchers("/**").permitAll();
    

【参考方案1】：

如此处所述：https://github.com/spring-cloud/spring-cloud-netflix/issues/673，删除 spring-cloud-security 依赖项将解决问题。

【参考方案2】：

我很确定您的ResourceServerConfigurerAdapter 中需要一个请求匹配器。示例：http.antMatcher("/**")。