spring cloud 问题记录(十三)authenticationManager无法注入问题

在配置spring cloud security的过程中出现如下异常信息导致无法启动项目

Field authenticationManager in com.clark.online.edu.config.AuthorizationServerConfig required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found.


Action:

Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration.

看错误信息就很明白了,就是需要authenticationManager,但是没有在config里面注入,但是实际上在我的config配置里面已经注入了,代码如下:

	/**
	 * 认证管理
	 */
	@Autowired
	private AuthenticationManager authenticationManager;
	/**
	 * redis连接工具
	 */
	@Autowired
	private RedisConnectionFactory redisConnectionFactory;
	
	/**
	 * redis存储token
	 * @return
	 */
	@Bean
	RedisTokenStore redisTokenStore() {
		return new RedisTokenStore(redisConnectionFactory);
	}
	
	/**
	 * 配置
	 */
	@Override 
	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
		endpoints.tokenStore(redisTokenStore()).authenticationManager(authenticationManager);
	}

其实原因我不知道,解决方法很简单就是重新实例化bean就OK

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
	/**
	 * 重新实例化bean
	 */
	@Override
	@Bean
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	}
}

 

要在Spring Cloud Gateway中启用JWT(JSON Web Tokens)认证,你需要进行以下步骤: 1. 添加依赖:首先,在你的Maven或Gradle项目中添加Spring Security Web、Spring Cloud Gateway以及相关的JWT库。例如,如果你使用的是Spring Boot,你可以添加以下依赖到`pom.xml`(Maven)或`build.gradle`(Gradle): ```xml <!-- Maven --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt-api</artifactId> <version>0.9.1</version> <!-- 或者最新版本 --> </dependency> <!-- Gradle (如果使用Spring Boot Plugin) --> implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'io.jsonwebtoken:jjwt-api:0.9.1' // 或者最新版本 ``` 2. 配置JWT处理器:在`application.yml`或`application.properties`文件中配置JWT处理器,例如: ```yaml # application.yml security: oauth2: client: registration: jwt: client-id: jwt-client secret: your-secret-key scope: read write tokenUri: /token spring: cloud: gateway: routes: - id: jwt-route uri: lb://backend predicates: - Path=/api/** # 匹配所有/api路径下的请求 filters: - AuthorizationTokenResolver ``` 这里的`client-id`、`secret-key`和`tokenUri`需要替换为实际的客户端ID、密钥和令牌生成端点。 3. 实现AuthorizationTokenResolver过滤器:创建一个实现`WebFilter`接口的类,比如`JwtAuthorizationFilter`,解析HTTP头中的JWT: ```java import org.springframework.core.io.buffer.DataBuffer; import org.springframework.http.server.ServerHttpRequest; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.server.WebFilterExchange; import io.jsonwebtoken.Claims; public class JwtAuthorizationFilter implements WebFilter { private final AuthenticationManager authenticationManager; public JwtAuthorizationFilter(AuthenticationManager authenticationManager) { this.authenticationManager = authenticationManager; } @Override public Mono<Void> filter(ServerHttpRequest request, WebFilterExchange exchange) throws Exception { String authorizationHeader = request.getHeaders().getFirst("Authorization"); if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) { String jwt = authorizationHeader.substring("Bearer ".length()); try { Claims claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(jwt).getBody(); UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(claims.getSubject(), null, claims.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authenticationManager.authenticate(usernamePasswordAuthenticationToken)); } catch (Exception e) { // 处理JWT验证失败的情况 log.error("Invalid JWT", e); exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED); } } return exchange.getChain().filter(request); } } ``` 4. 自定义SecurityConfiguration:确保`SecurityWebAutoConfiguration`被禁用,然后自定义一个`SecurityConfiguration`类以注入刚刚创建的`JwtAuthorizationFilter`: ```java @Configuration @EnableWebSecurity public class CustomSecurityConfig extends WebSecurityConfigurerAdapter { private final JwtAuthorizationFilter jwtAuthorizationFilter; public CustomSecurityConfig(JwtAuthorizationFilter jwtAuthorizationFilter) { this.jwtAuthorizationFilter = jwtAuthorizationFilter; } @Bean @Order(Ordered.HIGHEST_PRECEDENCE) public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception { http.oauth2Login() .jwt().jwtAuthorizationRequestConverter(new JwtAuthorizationRequestConverter()) .and() .addFilterAfter(jwtAuthorizationFilter, UsernamePasswordAuthenticationFilter.class); // 其他安全设置... return http.build(); } } ``` 5. 启动应用:运行你的应用程序,现在JWT认证已经启用,对匹配`/api/**`路由的所有API请求,Spring Cloud Gateway会在接收到请求时检查JWT。
评论 7
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值