我是SAML的新手,也是Spring的安全人员 . 我已根据文档将示例应用程序配置为连接到ADFS服务器 . 当我访问应用程序时,我被适当地重定向到ADFS服务器,但是我输入了用户名和密码,我在应用程序中收到一条错误,指出验证SAML消息时出错 .

为了了解为什么会发生这种情况,我根据文档启用了消息记录(启用samlLogger bean中的三个属性) . 当我这样做时,我在启动时获得以下堆栈跟踪:

2018年9月17日上午11:56:25 org.apache.catalina.core.StandardContext listenerStart SEVERE:将上下文初始化事件发送到类[org.springframework.web.context.ContextLoaderListener] org.springframework.beans的侦听器实例的异常 . factory.BeanCreationException:创建名为'org.springframework.security.filterChains'的bean时出错:在使用key [4]设置bean属性'sourceList'时,无法解析对bean'org.springframework.security.web.DefaultSecurityFilterChain#4'的引用;嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'org.springframework.security.web.DefaultSecurityFilterChain#4'的bean时出错:在使用key [0]设置构造函数参数时,无法解析对bean'metadataGeneratorFilter'的引用;嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'metadataGeneratorFilter'的bean在ServletContext资源[/WEB-INF/securityContext.xml]中定义时出错:无法创建内部bean'org.springframework.security.saml.metadata设置构造函数参数时,类型为[org.springframework.security.saml.metadata.MetadataGenerator]的.MetadataGenerator#3aca2643';嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'org.springframework.security.saml.metadata.MetadataGenerator#3aca2643'的bean时出错:注入自动连接的依赖项失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装配方法:public void org.springframework.security.saml.metadata.MetadataGenerator.setSamlEntryPoint(org.springframework.security.saml.SAMLEntryPoint);嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'samlEntryPoint'的bean时出错:注入自动连接的依赖项失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装配方法:public void org.springframework.security.saml.SAMLEntryPoint.setSamlLogger(org.springframework.security.saml.log.SAMLLogger);嵌套异常是org.springframework.beans.factory.BeanCreationException:创建在ServletContext资源[/WEB-INF/securityContext.xml]中定义名称为'samlLogger'的bean时出错:设置属性值时出错;嵌套异常是org.springframework.beans.NotWritablePropertyException:bean类的无效属性'logAllMessages'[org.springframework.security.saml.log.SAMLDefaultLogger]:Bean属性'logAllMessages'不可写或具有无效的setter方法 . setter的参数类型是否与getter的返回类型匹配? org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)位于org.springframework.beans.factory的org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106) .support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)在org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)在org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory .java:1360)org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1118)org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)at org . springframework.beans.factory.support.Abst orct.springframework.beans.factory.support.AbstractBeanFactory $ 1.getObject(AbstractBeanFactory.java:294)中的ractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)atorg.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)位于org.springframework.beans.factory的org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291) . org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:)中的org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:591)中的support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193): 918)org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:469)位于org.springframework.web.context.ContextLoader的org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:383) .initWebApplicationContext(ContextLoader.java:283)位于org.springframework.web.context.ContextLoaderListener.contextInitialized( ContextLoaderListener.java:111)org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4745)org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5207)atg.apache.catalina .util.LifecycleBase.start(LifecycleBase.java:150)org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728) )org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:988)at org.apache.catalina.startup.HostConfig $在java.util的java.util.concurrent.FutureTask.run(FutureTask.java:266)java.util.concurrent.Executors $ RunnableAdapter.call(Executors.java:511)上的DeployWar.run(HostConfig.java:1860) .concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)at java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)at java.lang.Thread.run(Thread.java:748)Ca使用者:org.springframework.beans.factory.BeanCreationException:创建名为'org.springframework.security.web.DefaultSecurityFilterChain#4'的bean时出错:在使用key [0]设置构造函数参数时无法解析对bean'metamaGeneratorFilter'的引用;嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'metadataGeneratorFilter'的bean在ServletContext资源[/WEB-INF/securityContext.xml]中定义时出错:无法创建内部bean'org.springframework.security.saml.metadata设置构造函数参数时,类型为[org.springframework.security.saml.metadata.MetadataGenerator]的.MetadataGenerator#3aca2643';嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'org.springframework.security.saml.metadata.MetadataGenerator#3aca2643'的bean时出错:注入自动连接的依赖项失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装配方法:public void org.springframework.security.saml.metadata.MetadataGenerator.setSamlEntryPoint(org.springframework.security.saml.SAMLEntryPoint);嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名为'samlEntryPoint'的bean时出错:注入自动连接的依赖项失败;嵌套异常是org.springframework.beans.factory.BeanCreationException:无法自动装配方法:public void org.springframework.security.saml.SAMLEntryPoint.setSamlLogger(org.springframework.security.saml.log.SAMLLogger);嵌套异常是org.springframework.beans.factory.BeanCreationException:创建在ServletContext资源[/WEB-INF/securityContext.xml]中定义名称为'samlLogger'的bean时出错:设置属性值时出错;嵌套异常是org.springframework.beans.NotWritablePropertyException:bean类的无效属性'logAllMessages'[org.springframework.security.saml.log.SAMLDefaultLogger]:Bean属性'logAllMessages'不可写或具有无效的setter方法 . setter的参数类型是否与getter的返回类型匹配? org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)位于org.springframework.beans.factory的org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106) .support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)at atOrg.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)位于org.springframework.beans.factory的org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616) . org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory)中的org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1035)中的support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148) . java:939)org.springframework上的org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456) .beans.factory.support.AbstractBeanFactory $ 1 .getObject(AbstractBeanFactory.java:294)org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291) )org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)... 30 more

<!-- Logger for SAML messages and events -->
<bean id="samlLogger" class="org.springframework.security.saml.log.SAMLDefaultLogger">
    <!-- Enable these to see the actual SAML Messages in logs -->
    <property name="logAllMessages" value="true"/>
    <property name="logErrors" value="true"/>
    <property name="logMessagesOnException" value="true"/>
</bean>

请帮忙 .

谢谢

肖恩