ServerHttpSecurity bean not found

Question

ServerHttpSecurity bean not found

5.9k views Asked by Gregory Curtis At 21 September 2024 at 01:25

I have a Security config class that has a SecurityWebFilterChain bean in it. This bean requires a ServerHttpSecuirty instance but spring says that it cannot find any beans of that type though there is one created in the external library (org.springframework.security.config.annotation.web.reactive.ServerHttpSecurityConfiguration). I have seen this issue on a github page and they said try a different version but I am using spring boot 2.4.5 so it should work.

My Security Config class:

@Configuration
public class SecurityConfig {
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http,
                                            JwtTokenProvider tokenProvider,
                                            ReactiveAuthenticationManager reactiveAuthenticationManager) {
    final String TAG_SERVICES = "/api/**";

    return http.csrf(ServerHttpSecurity.CsrfSpec::disable)
            .httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
            .authenticationManager(reactiveAuthenticationManager)
            .securityContextRepository(NoOpServerSecurityContextRepository.getInstance())
            .authorizeExchange(it -> it
                    .pathMatchers(HttpMethod.POST, TAG_SERVICES).hasAnyRole("USER","ADMIN")
                    .pathMatchers(HttpMethod.PUT, TAG_SERVICES).hasAnyRole("USER","ADMIN")
                    .pathMatchers(HttpMethod.GET, TAG_SERVICES).hasAnyRole("USER","ADMIN")
                    .pathMatchers(HttpMethod.DELETE, TAG_SERVICES).hasAnyRole("USER","ADMIN")
                    .pathMatchers(TAG_SERVICES).authenticated()
                    .anyExchange().permitAll()
            )
            .addFilterAt(new JwtTokenAuthenticationFilter(tokenProvider), SecurityWebFiltersOrder.HTTP_BASIC)
            .build();


}

}

My application class

@ConfigurationPropertiesScan

@SpringBootApplication(exclude={DataSourceAutoConfiguration.class}) public class TestPlatformBackendApplication {

public static void main(String[] args) {
    SpringApplication.run(TestPlatformBackendApplication.class, args);
}

}

External Library Bean:

@Bean({"org.springframework.security.config.annotation.web.reactive.HttpSecurityConfiguration.httpSecurity"})
@Scope("prototype")
ServerHttpSecurity httpSecurity() {
    ServerHttpSecurityConfiguration.ContextAwareServerHttpSecurity http = new ServerHttpSecurityConfiguration.ContextAwareServerHttpSecurity();
    return http.authenticationManager(this.authenticationManager()).headers().and().logout().and();
}

Original Q&A

There are 1 answers

**Gregory Curtis** · Accepted Answer · 2021-05-17 08:34:59

As Toerktumlare recommended in the comments (1, 2) I added @EnableWebFluxSecurity to my security config:

@Configuration
@EnableWebFluxSecurity
public class SecurityConfig {

But I also added the following to my exclude in the @SpringBootApplication annotation.

@ConfigurationPropertiesScan
    @SpringBootApplication(exclude={DataSourceAutoConfiguration.class, SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class})
    public class TestPlatformBackendApplication {

    public static void main(String[] args) {
        SpringApplication.run(TestPlatformBackendApplication.class, args);
    }

}

TechQA.

ServerHttpSecurity bean not found

There are 1 answers

Related Questions in SPRING

Related Questions in SPRING-BOOT

Related Questions in SPRING-WEBFLUX

Related Questions in WEBFLUX

Popular Questions

Popular Tags

Trending Questions