“无法访问 javax.servlet.Filter"将 Spring Security 与 Spring Gateway 一起使用时出错 [英] "cannot access javax.servlet.Filter" error when using Spring Security with Spring Gateway
问题描述
我将 Spring Gateway 和 Spring Security 放在一起,因为我想保护我的网关.但是在实现以下扩展WebSecurityConfigurerAdapter的类后,项目抛出
I have Spring Gateway and Spring Security together because I want to secure my gateway. But after implementing the following class extending WebSecurityConfigurerAdapter, the project throws
java: 无法访问 javax.servlet.Filter
java: cannot access javax.servlet.Filter
@Configuration
@EnableWebSecurity
public class SecurityConfigurer extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
InMemoryUserDetailsManager userDetails = new InMemoryUserDetailsManager();
UserDetails user = User.withUsername("foo").password(passwordEncoder().encode("bar")).build();
userDetails.createUser(user);
auth.userDetailsService(userDetails).passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
http.authorizeRequests().anyRequest().authenticated();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(8);
}
}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.5</version>
<relativePath/>
</parent>
<groupId>com.gabriel</groupId>
<artifactId>gateway-service</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>gateway-service</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>16</java.version>
<spring-cloud.version>2020.0.2</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
<version>3.0.2</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
<version>3.0.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
推荐答案
来自 Spring Cloud Gateway 文档:
From the Spring Cloud Gateway documentation:
Spring Cloud Gateway 需要 Spring Boot 和 Spring Webflux 提供的 Netty 运行时.它不适用于传统的 Servlet 容器或构建为 WAR 时.
Spring Cloud Gateway requires the Netty runtime provided by Spring Boot and Spring Webflux. It does not work in a traditional Servlet Container or when built as a WAR.
扩展 WebSecurityConfigurerAdapter 用于基于 servlet 的应用程序.
Extending WebSecurityConfigurerAdapter is for servlet based applications.
您应该改为配置 响应式应用程序的 Spring Security.
@Configuration
@EnableWebFluxSecurity
public class HelloWebfluxSecurityConfig {
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User.withUsername("foo").password(passwordEncoder().encode("bar")).build();
return new MapReactiveUserDetailsService(user);
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges -> exchanges
.anyExchange().authenticated()
)
.httpBasic(withDefaults());
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(8);
}
}
这篇关于“无法访问 javax.servlet.Filter"将 Spring Security 与 Spring Gateway 一起使用时出错的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
