无法定义以KeyClope开头的属性

v9tzhpje  于 2021-10-10  发布在  Java
关注(0)|答案(2)|浏览(277)

无法定义以KeyClope开头的属性。如果keydape-spring-boot-starter-jar观察到jar不知道的keydape属性,它将无法加载属性。如果我们添加前缀,问题就会得到解决” sso “对于属性,是否有一种方法可以避免此错误,即使保留keydape前缀。

keycloak.admin.username=
keycloak.admin.password=

sso.keycloak.admin.username=
sso.keycloak.admin.password=

这就是我们看到的错误 Spring Boot 2.5.0 and Keycloak 13.0.0 ```
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NullPointerException
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
... 21 more
Caused by: java.lang.NullPointerException
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAtOffsetOf(HttpSecurity.java:2654)
at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilterAfter(HttpSecurity.java:2645)
at org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter.configure(KeycloakWebSecurityConfigurerAdapter.java:123)
at com.foo.config.KeycloakSecurityConfig.configure(KeycloakSecurityConfig.java:36)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:217)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:315)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:93)
at com.foo.config.KeycloakSecurityConfig$$EnhancerBySpringCGLIB$$501f46fb.init()
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:338)
at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:300)
at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:38)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:127)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)

i7uq4tfw

i7uq4tfw1#

此错误是在SpringBoot2.5.0附带的SpringSecurity版本5.5.0中引入的。之所以会发生这种情况,是因为Key斗篷连续添加了两个过滤器,如下所示:

@Override
protected void configure(HttpSecurity http) throws Exception {
        http
                ...
                .addFilterAfter(keycloakSecurityContextRequestFilter(), SecurityContextHolderAwareRequestFilter.class)
                .addFilterAfter(keycloakAuthenticatedActionsRequestFilter(), KeycloakSecurityContextRequestFilter.class)
                ...
}

现在有一个bug,自定义过滤器顺序没有被持久化,从而导致 NullPointerException 尝试相对于最近添加的另一个自定义筛选器添加筛选器时。
我建议您现在就使用较低版本的spring boot,比如2.4.x,直到github中的问题得到解决。

t30tvxxf

t30tvxxf2#

从KeyClope代码来看,他们似乎只将属性硬连接到了特定的属性。
从keydepospringbootproperties
/这是一个虚拟属性,以避免在使用spring cloud时属性keydove.config.resolver出现重新绑定问题-请参阅keydove-2977/
从他们的代码来看,似乎我们可以利用一种变通方法,他们必须包含额外的属性。但要做到这一点,我们必须在其中添加'config'。

keycloak.config.admin.username=asd
keycloak.config.admin.password=sss

相关问题