spring踩坑日志
WebMvcConfigurerAdapter在Spring5.0已被废弃
- 直接实现WebMvcConfigurer (官方推荐)
例如:
@Configuration
public class WebMvcConfg implements WebMvcConfigurer {
}
- 直接继承WebMvcConfigurationSupport
例如:
@Configuration
public class WebMvcConfg extends WebMvcConfigurationSupport {
}
AuthenticationManager无法注入
Spring Security 4.x -> 5.x 踩坑记录
在覆写AuthorizationServerConfigurerAdapter类的public void configure(AuthorizationServerEndpointsConfigurer endpoints) 方法时,往往需要显式注入AuthenticationManager ,但是在5.x版本中,启动会报如下错误:
***************************
APPLICATION FAILED TO START
***************************
Description:
Field authenticationManager in cn.springcloud.book.OAuthConfiguration required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found.
Action:
Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration.
解决方案:
在启动主类继承WebSecurityConfigurerAdapter 类同时,手动注入:
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
登陆报错:There is no PasswordEncoder mapped for the id “null”
在使用Spring Security 5.x登陆页面进行登陆时,后端会报错:There is no PasswordEncoder mapped for the id “null”,因为5.x版本新增了多种密码加密方式,必须指定一种,比如这样解决:
@Bean
public static NoOpPasswordEncoder passwordEncoder() {
return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
}
下列加密方式供参考,选取一种即可:
bcrypt - BCryptPasswordEncoder (Also used for encoding)
ldap - LdapShaPasswordEncoder
MD4 - Md4PasswordEncoder
MD5 - new MessageDigestPasswordEncoder("MD5")
noop - NoOpPasswordEncoder
pbkdf2 - Pbkdf2PasswordEncoder
scrypt - SCryptPasswordEncoder
SHA-1 - new MessageDigestPasswordEncoder("SHA-1")
SHA-256 - new MessageDigestPasswordEncoder("SHA-256")
sha256 - StandardPasswordEncoder
不加密。
.secret("{noop}secret")
noop代表纯文本格式,参考https://spring.io/blog/2017/11/01/spring-security-5-0-0-rc1-released#password-storage-format;
