No qualifying bean of type 'org.springframework.security.config.annotation.web.builders.HttpSec-CodePudding

I'm facing this error when starting my maven application:

No qualifying bean of type 'org.springframework.security.config.annotation.web.builders.HttpSecurity' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {}

This is how my securityConfiguration looks like:

@Configuration(proxyBeanMethods = false)
public class SecurityConfiguration {

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  http.requestMatcher(EndpointRequest.toAnyEndpoint())
    .authorizeRequests((requests) -> requests.anyRequest().permitAll());
  return http.build();
 }
}

I'm executing mvn clean dependency: tree in order to be sure this is included:

[INFO]  - org.springframework.boot:spring-boot-starter-security:jar:2.3.3.RELEASE:compile
[INFO] |   - org.springframework:spring-aop:jar:5.2.8.RELEASE:compile
[INFO] |   - org.springframework.security:spring-security-config:jar:5.3.4.RELEASE:compile
[INFO] |  |  \- org.springframework.security:spring-security-core:jar:5.3.4.RELEASE:compile
[INFO] |  \- org.springframework.security:spring-security-web:jar:5.3.4.RELEASE:compile

So as far as I know all the dependencies are included, and I can not understand the error.

CodePudding user response：

Could you try to upgrade Spring security to version >= 5.4? Because: "In Spring Security 5.4 we introduced the ability to configure HttpSecurity by creating a SecurityFilterChain bean". See docs: https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter Your current version is: 5.3.4.RELEASE

CodePudding user response：

You need add annotation @EnableWebSecurity on top class SecurityConfiguration.