问题描述
我试图通过在CDI Bean中定义 BasicAuthenticationMechanismDeFinition 来在应用程序中使用Jakarta EE 8 Security:
@BasicAuthenticationMechanismDeFinition(
realmName = "RealmUsersRoles")
@ApplicationScoped
public class ApplicationConfig{}
我使用的领域是elytron中定义的FileSystemRealm。接下来,我在端点中指定了允许的角色:
@WebServlet("/secured")
@DeclareRoles({"Administrator"})
@ServletSecurity(@HttpConstraint(rolesAllowed = { "Administrator" }))
public class SecuredServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req,HttpServletResponse resp) throws servletexception,IOException {
// Do something
}
}
我添加了以下依赖项以在WildFly 20上构建和部署应用程序:
<dependency>
<groupId>jakarta.security.enterprise</groupId>
<artifactId>jakarta.security.enterprise-api</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.soteria</groupId>
<artifactId>javax.security.enterprise</artifactId>
<version>1.0</version>
</dependency>
在请求受保护资源时,返回以下错误:
java.lang.IllegalStateException: Could not find beans for Type=interface javax.security.enterprise.identitystore.IdentityStore
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiUtils.getBeanDeFinitions(CdiUtils.java:194)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiUtils.getBeanReferencesByType(CdiUtils.java:158)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.DefaultIdentityStoreHandler.init(DefaultIdentityStoreHandler.java:51)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiExtension.lambda$afterBean$12(CdiExtension.java:215)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiProducer.create(CdiProducer.java:80)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.contexts.AbstractContext.get(AbstractContext.java:96)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:100)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:102)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:105)
at deployment.http-basic.war//org.jboss.weldx.security.enterprise.identitystore.IdentityStoreHandler$1763020431$Proxy$_$$_WeldClientProxy.validate(UnkNown Source)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.mechanisms.BasicAuthenticationMechanism.validateRequest(BasicAuthenticationMechanism.java:60)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
我是否错过了应用程序中的任何依赖项?还是glassfish.soteria依赖项的版本错误?
非常感谢您的帮助 谢谢
解决方法
您需要提供 javax.security.enterprise.identitystore.IdentityStore 的实现
您可以使用 LdapIdentityStoreDefinition or DatabaseIdentityStoreDefinition 或提供您自己的实现 ApplicationScoped 的 bean (IdentityStore)。