我正试图通过在CDI Bean中定义BasicAuthenticationMechanismDefinition来在我的应用程序中使用Jakarta EE 8 Security:
@BasicAuthenticationMechanismDefinition(
realmName = "RealmUsersRoles")
@ApplicationScoped
public class ApplicationConfig{}
我使用的Realm是在Elytron中定义的FileSystemRealm。接下来,我在端点中指定了允许的角色:
@WebServlet("/secured")
@DeclareRoles({"Administrator"})
@ServletSecurity(@HttpConstraint(rolesAllowed = { "Administrator" }))
public class SecuredServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// Do something
}
}
我添加了以下依赖项来在WildFly 20上构建和部署应用程序:
<dependency>
<groupId>jakarta.security.enterprise</groupId>
<artifactId>jakarta.security.enterprise-api</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.soteria</groupId>
<artifactId>javax.security.enterprise</artifactId>
<version>1.0</version>
</dependency>
请求安全资源时,会返回以下错误:
java.lang.IllegalStateException: Could not find beans for Type=interface javax.security.enterprise.identitystore.IdentityStore
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiUtils.getBeanDefinitions(CdiUtils.java:194)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiUtils.getBeanReferencesByType(CdiUtils.java:158)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.DefaultIdentityStoreHandler.init(DefaultIdentityStoreHandler.java:51)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiExtension.lambda$afterBean$12(CdiExtension.java:215)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.cdi.CdiProducer.create(CdiProducer.java:80)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.contexts.AbstractContext.get(AbstractContext.java:96)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.ContextualInstanceStrategy$DefaultContextualInstanceStrategy.get(ContextualInstanceStrategy.java:100)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.ContextualInstance.get(ContextualInstance.java:50)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:102)
at org.jboss.weld.core@3.1.4.Final//org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:105)
at deployment.http-basic.war//org.jboss.weldx.security.enterprise.identitystore.IdentityStoreHandler$1763020431$Proxy$_$$_WeldClientProxy.validate(Unknown Source)
at org.glassfish.soteria@1.0.1-jbossorg-1//org.glassfish.soteria.mechanisms.BasicAuthenticationMechanism.validateRequest(BasicAuthenticationMechanism.java:60)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
我的应用程序中是否遗漏了任何依赖项?或者可能是glassfish.soteria依赖关系的错误版本?
非常感谢您的帮助感谢
您需要提供javax.security.enterprise.identitystore.IdentityStore的实现您可以使用LdapIdentityStoreDefinition orDatabaseIdentityStoreDefinition或提供自己的bean(ApplicationScoped(来实现IdentityStore。