我有一個使用 spring security 和 keycloak 的 springboot 應用程式。執行應用程式時,使用 jwt 令牌進行保護按預期作業。
然后我有一個單獨的測驗 application.yml,我嘗試禁用 keycloak,如網路教程中所示。
對于 webmvc 測驗,這不能按預期作業。盡管我嘗試禁用所有與安全和密鑰斗篷相關的內容,但仍然KeycloakWebSecurityConfigurerAdapter嘗試使用KeycloakConfigResolver該類,但沒有找到它。然后它回退到加載 keycloak.json 檔案并失敗。
我必須做什么才能使 MockMvc 測驗作業?我只想讓配置 HttpSecurity 方法中實作的每個請求都被允許。keycloak 基本上不應該用于 mockmvc 測驗。
起居室:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.4-SNAPSHOT</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
[...]
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>19.0.2</version>
</dependency>
配置:
keycloak:
enabled: false
realm: mock
resource: mock
auth-server-url: http://mock
bearer-only: true
credentials:
secret: mock
spring:
autoconfigure:
exclude: org.keycloak.adapters.springboot.KeycloakAutoConfiguration
Keycloak Bean 配置:
@Configuration
@EnableWebSecurity
@ConditionalOnProperty(name = ["keycloak.enabled"], havingValue = "false", matchIfMissing = false)
class KeycloakDisabledConfig: KeycloakWebSecurityConfigurerAdapter(){
override fun configure(http: HttpSecurity) {
http.csrf()
.disable()
.authorizeRequests()
.anyRequest()
.permitAll()
}
override fun configure(web: WebSecurity) {
web.ignoring().antMatchers("/**")
}
override fun sessionAuthenticationStrategy(): SessionAuthenticationStrategy = RegisterSessionAuthenticationStrategy(
SessionRegistryImpl()
)
測驗:
@WebMvcTest(value = [OrganizationController::class], excludeAutoConfiguration = [SecurityAutoConfiguration::class])
@AutoConfigureMockMvc(addFilters = false)
@Import(value = [
OrganizationMapper::class
])
internal class OrganizationControllerTest{
@Autowired
lateinit var mockmvc: MockMvc
加載背景關系:
Positive matches:
-----------------
ErrorMvcAutoConfiguration matched:
- @ConditionalOnClass found required classes 'javax.servlet.Servlet', 'org.springframework.web.servlet.DispatcherServlet' (OnClassCondition)
- found 'session' scope (OnWebApplicationCondition)
ErrorMvcAutoConfiguration#basicErrorController matched:
- @ConditionalOnMissingBean (types: org.springframework.boot.web.servlet.error.ErrorController; SearchStrategy: current) did not find any beans (OnBeanCondition)
ErrorMvcAutoConfiguration#errorAttributes matched:
- @ConditionalOnMissingBean (types: org.springframework.boot.web.servlet.error.ErrorAttributes; SearchStrategy: current) did not find any beans (OnBeanCondition)
ErrorMvcAutoConfiguration.WhitelabelErrorViewConfiguration matched:
- @ConditionalOnProperty (server.error.whitelabel.enabled) matched (OnPropertyCondition)
- ErrorTemplate Missing did not find error template view (ErrorMvcAutoConfiguration.ErrorTemplateMissingCondition)
ErrorMvcAutoConfiguration.WhitelabelErrorViewConfiguration#beanNameViewResolver matched:
- @ConditionalOnMissingBean (types: org.springframework.web.servlet.view.BeanNameViewResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
ErrorMvcAutoConfiguration.WhitelabelErrorViewConfiguration#defaultErrorView matched:
- @ConditionalOnMissingBean (names: error; SearchStrategy: all) did not find any beans (OnBeanCondition)
GsonAutoConfiguration matched:
- @ConditionalOnClass found required class 'com.google.gson.Gson' (OnClassCondition)
GsonAutoConfiguration#gson matched:
- @ConditionalOnMissingBean (types: com.google.gson.Gson; SearchStrategy: all) did not find any beans (OnBeanCondition)
GsonAutoConfiguration#gsonBuilder matched:
- @ConditionalOnMissingBean (types: com.google.gson.GsonBuilder; SearchStrategy: all) did not find any beans (OnBeanCondition)
GsonHttpMessageConvertersConfiguration matched:
- @ConditionalOnClass found required class 'com.google.gson.Gson' (OnClassCondition)
HttpEncodingAutoConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.web.filter.CharacterEncodingFilter' (OnClassCondition)
- found 'session' scope (OnWebApplicationCondition)
- @ConditionalOnProperty (server.servlet.encoding.enabled) matched (OnPropertyCondition)
HttpEncodingAutoConfiguration#characterEncodingFilter matched:
- @ConditionalOnMissingBean (types: org.springframework.web.filter.CharacterEncodingFilter; SearchStrategy: all) did not find any beans (OnBeanCondition)
HttpMessageConvertersAutoConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.http.converter.HttpMessageConverter' (OnClassCondition)
- NoneNestedConditions 0 matched 1 did not; NestedCondition on HttpMessageConvertersAutoConfiguration.NotReactiveWebApplicationCondition.ReactiveWebApplication did not find reactive web application classes (HttpMessageConvertersAutoConfiguration.NotReactiveWebApplicationCondition)
HttpMessageConvertersAutoConfiguration#messageConverters matched:
- @ConditionalOnMissingBean (types: org.springframework.boot.autoconfigure.http.HttpMessageConverters; SearchStrategy: all) did not find any beans (OnBeanCondition)
HttpMessageConvertersAutoConfiguration.StringHttpMessageConverterConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.http.converter.StringHttpMessageConverter' (OnClassCondition)
HttpMessageConvertersAutoConfiguration.StringHttpMessageConverterConfiguration#stringHttpMessageConverter matched:
- @ConditionalOnMissingBean (types: org.springframework.http.converter.StringHttpMessageConverter; SearchStrategy: all) did not find any beans (OnBeanCondition)
JacksonAutoConfiguration matched:
- @ConditionalOnClass found required class 'com.fasterxml.jackson.databind.ObjectMapper' (OnClassCondition)
JacksonAutoConfiguration.Jackson2ObjectMapperBuilderCustomizerConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.http.converter.json.Jackson2ObjectMapperBuilder' (OnClassCondition)
JacksonAutoConfiguration.JacksonObjectMapperBuilderConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.http.converter.json.Jackson2ObjectMapperBuilder' (OnClassCondition)
JacksonAutoConfiguration.JacksonObjectMapperBuilderConfiguration#jacksonObjectMapperBuilder matched:
- @ConditionalOnMissingBean (types: org.springframework.http.converter.json.Jackson2ObjectMapperBuilder; SearchStrategy: all) did not find any beans (OnBeanCondition)
JacksonAutoConfiguration.JacksonObjectMapperConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.http.converter.json.Jackson2ObjectMapperBuilder' (OnClassCondition)
JacksonAutoConfiguration.JacksonObjectMapperConfiguration#jacksonObjectMapper matched:
- @ConditionalOnMissingBean (types: com.fasterxml.jackson.databind.ObjectMapper; SearchStrategy: all) did not find any beans (OnBeanCondition)
JacksonAutoConfiguration.ParameterNamesModuleConfiguration matched:
- @ConditionalOnClass found required class 'com.fasterxml.jackson.module.paramnames.ParameterNamesModule' (OnClassCondition)
JacksonAutoConfiguration.ParameterNamesModuleConfiguration#parameterNamesModule matched:
- @ConditionalOnMissingBean (types: com.fasterxml.jackson.module.paramnames.ParameterNamesModule; SearchStrategy: all) did not find any beans (OnBeanCondition)
JacksonHttpMessageConvertersConfiguration.MappingJackson2HttpMessageConverterConfiguration matched:
- @ConditionalOnClass found required class 'com.fasterxml.jackson.databind.ObjectMapper' (OnClassCondition)
- @ConditionalOnProperty (spring.mvc.converters.preferred-json-mapper=jackson) matched (OnPropertyCondition)
- @ConditionalOnBean (types: com.fasterxml.jackson.databind.ObjectMapper; SearchStrategy: all) found bean 'jacksonObjectMapper' (OnBeanCondition)
JacksonHttpMessageConvertersConfiguration.MappingJackson2HttpMessageConverterConfiguration#mappingJackson2HttpMessageConverter matched:
- @ConditionalOnMissingBean (types: org.springframework.http.converter.json.MappingJackson2HttpMessageConverter ignored: org.springframework.hateoas.server.mvc.TypeConstrainedMappingJackson2HttpMessageConverter,org.springframework.data.rest.webmvc.alps.AlpsJsonHttpMessageConverter; SearchStrategy: all) did not find any beans (OnBeanCondition)
KeycloakDisabledConfig matched:
- @ConditionalOnProperty (keycloak.enabled=false) matched (OnPropertyCondition)
MockMvcAutoConfiguration matched:
- found 'session' scope (OnWebApplicationCondition)
MockMvcAutoConfiguration#dispatcherServlet matched:
- @ConditionalOnMissingBean (types: org.springframework.web.servlet.DispatcherServlet; SearchStrategy: all) did not find any beans (OnBeanCondition)
MockMvcAutoConfiguration#dispatcherServletPath matched:
- @ConditionalOnMissingBean (types: org.springframework.boot.autoconfigure.web.servlet.DispatcherServletPath; SearchStrategy: all) did not find any beans (OnBeanCondition)
MockMvcAutoConfiguration#mockMvc matched:
- @ConditionalOnMissingBean (types: org.springframework.test.web.servlet.MockMvc; SearchStrategy: all) did not find any beans (OnBeanCondition)
MockMvcAutoConfiguration#mockMvcBuilder matched:
- @ConditionalOnMissingBean (types: org.springframework.test.web.servlet.MockMvcBuilder; SearchStrategy: all) did not find any beans (OnBeanCondition)
NoOpCacheConfiguration matched:
- Cache org.springframework.boot.autoconfigure.cache.NoOpCacheConfiguration NONE cache type (CacheCondition)
SecurityFilterAutoConfiguration matched:
- @ConditionalOnClass found required classes 'org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer', 'org.springframework.security.config.http.SessionCreationPolicy' (OnClassCondition)
- found 'session' scope (OnWebApplicationCondition)
SecurityFilterAutoConfiguration#securityFilterChainRegistration matched:
- @ConditionalOnBean (names: springSecurityFilterChain; SearchStrategy: all) found bean 'springSecurityFilterChain' (OnBeanCondition)
SpringDataWebAutoConfiguration matched:
- @ConditionalOnClass found required classes 'org.springframework.data.web.PageableHandlerMethodArgumentResolver', 'org.springframework.web.servlet.config.annotation.WebMvcConfigurer' (OnClassCondition)
- found 'session' scope (OnWebApplicationCondition)
- @ConditionalOnMissingBean (types: org.springframework.data.web.PageableHandlerMethodArgumentResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
SpringDataWebAutoConfiguration#pageableCustomizer matched:
- @ConditionalOnMissingBean (types: org.springframework.data.web.config.PageableHandlerMethodArgumentResolverCustomizer; SearchStrategy: all) did not find any beans (OnBeanCondition)
SpringDataWebAutoConfiguration#sortCustomizer matched:
- @ConditionalOnMissingBean (types: org.springframework.data.web.config.SortHandlerMethodArgumentResolverCustomizer; SearchStrategy: all) did not find any beans (OnBeanCondition)
TaskExecutionAutoConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor' (OnClassCondition)
TaskExecutionAutoConfiguration#applicationTaskExecutor matched:
- @ConditionalOnMissingBean (types: java.util.concurrent.Executor; SearchStrategy: all) did not find any beans (OnBeanCondition)
TaskExecutionAutoConfiguration#taskExecutorBuilder matched:
- @ConditionalOnMissingBean (types: org.springframework.boot.task.TaskExecutorBuilder; SearchStrategy: all) did not find any beans (OnBeanCondition)
UserDetailsServiceAutoConfiguration matched:
- @ConditionalOnClass found required class 'org.springframework.security.authentication.AuthenticationManager' (OnClassCondition)
- @ConditionalOnBean (types: org.springframework.security.config.annotation.ObjectPostProcessor; SearchStrategy: all) found bean 'objectPostProcessor'; @ConditionalOnMissingBean (types: org.springframework.security.authentication.AuthenticationManager,org.springframework.security.authentication.AuthenticationProvider,org.springframework.security.core.userdetails.UserDetailsService,org.springframework.security.authentication.AuthenticationManagerResolver,org.springframework.security.oauth2.jwt.JwtDecoder,org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector,org.springframework.security.oauth2.client.registration.ClientRegistrationRepository,org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; SearchStrategy: all) did not find any beans (OnBeanCondition)
ValidationAutoConfiguration matched:
- @ConditionalOnClass found required class 'javax.validation.executable.ExecutableValidator' (OnClassCondition)
- @ConditionalOnResource found location classpath:META-INF/services/javax.validation.spi.ValidationProvider (OnResourceCondition)
ValidationAutoConfiguration#defaultValidator matched:
- @ConditionalOnMissingBean (types: javax.validation.Validator; SearchStrategy: all) did not find any beans (OnBeanCondition)
ValidationAutoConfiguration#methodValidationPostProcessor matched:
- @ConditionalOnMissingBean (types: org.springframework.validation.beanvalidation.MethodValidationPostProcessor; SearchStrategy: current) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration matched:
- @ConditionalOnClass found required classes 'javax.servlet.Servlet', 'org.springframework.web.servlet.DispatcherServlet', 'org.springframework.web.servlet.config.annotation.WebMvcConfigurer' (OnClassCondition)
- found 'session' scope (OnWebApplicationCondition)
- @ConditionalOnMissingBean (types: org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration#formContentFilter matched:
- @ConditionalOnProperty (spring.mvc.formcontent.filter.enabled) matched (OnPropertyCondition)
- @ConditionalOnMissingBean (types: org.springframework.web.filter.FormContentFilter; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.EnableWebMvcConfiguration#flashMapManager matched:
- @ConditionalOnMissingBean (names: flashMapManager; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.EnableWebMvcConfiguration#localeResolver matched:
- @ConditionalOnMissingBean (names: localeResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.EnableWebMvcConfiguration#themeResolver matched:
- @ConditionalOnMissingBean (names: themeResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.WebMvcAutoConfigurationAdapter#defaultViewResolver matched:
- @ConditionalOnMissingBean (types: org.springframework.web.servlet.view.InternalResourceViewResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.WebMvcAutoConfigurationAdapter#requestContextFilter matched:
- @ConditionalOnMissingBean (types: org.springframework.web.context.request.RequestContextListener,org.springframework.web.filter.RequestContextFilter; SearchStrategy: all) did not find any beans (OnBeanCondition)
WebMvcAutoConfiguration.WebMvcAutoConfigurationAdapter#viewResolver matched:
- @ConditionalOnBean (types: org.springframework.web.servlet.ViewResolver; SearchStrategy: all) found beans 'defaultViewResolver', 'beanNameViewResolver', 'mvcViewResolver'; @ConditionalOnMissingBean (names: viewResolver types: org.springframework.web.servlet.view.ContentNegotiatingViewResolver; SearchStrategy: all) did not find any beans (OnBeanCondition)
堆疊跟蹤:
Caused by: java.io.FileNotFoundException: Unable to locate Keycloak configuration file: keycloak.json
at org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean.loadKeycloakDeployment(AdapterDeploymentContextFactoryBean.java:83) ~[keycloak-spring-security-adapter-19.0.1.jar:19.0.1]
at org.keycloak.adapters.springsecurity.AdapterDeploymentContextFactoryBean.afterPropertiesSet(AdapterDeploymentContextFactoryBean.java:76) ~[keycloak-spring-security-adapter-19.0.1.jar:19.0.1]
at org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter.adapterDeploymentContext(KeycloakWebSecurityConfigurerAdapter.java:72) ~[keycloak-spring-security-adapter-19.0.1.jar:19.0.1]
at com.jschausberger.demo.keycloak.KeycloakDisabledConfig$$EnhancerBySpringCGLIB$$ef3c2204.CGLIB$adapterDeploymentContext$13(<generated>) ~[classes/:na]
at com.jschausberger.demo.keycloak.KeycloakDisabledConfig$$EnhancerBySpringCGLIB$$ef3c2204$$FastClassBySpringCGLIB$$3c55188.invoke(<generated>) ~[classes/:na]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.3.23.jar:5.3.23]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) ~[spring-context-5.3.23.jar:5.3.23]
at com.jschausberger.demo.keycloak.KeycloakDisabledConfig$$EnhancerBySpringCGLIB$$ef3c2204.adapterDeploymentContext(<generated>) ~[classes/:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[na:na]
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:568) ~[na:na]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.3.23.jar:5.3.23]
... 91 common frames omitted
uj5u.com熱心網友回復:
首先,不要將 Keycloak 配接器用于 Spring ( keycloak-spring-boot-starter)。它非常不推薦使用,并且與 spring-boot 3(本周 RC1,11 月發布)不兼容。改為使用spring-boot-starter-oauth2-resource-server。文章在這里,更多教程在那里。
其次,不要在單元測驗中禁用安全性。使用模擬身份驗證并使用它來對您的安全規則進行單元測驗。您可以參考上面鏈接的文章和教程來了解如何操作。
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/518072.html