如何在spring security中添加@secure注释
如何在控制器的方法中添加@Secure annoatation并使其运行? 现在,当我运行它时,得到了如下异常:
org.springframework.beans.factory.BeanCreationException:在文件[C: workspace sts springsource vfabric-tc-server-developer-2.6.1.RELEASE spring-insight-instance中定义名称'companyController' wtpwebapps BillingEngine WEB-INF classes com sesami common management web controller CompanyController.class]:bean初始化失败; 嵌套的异常是org.springframework.aop.framework.AopConfigException:意外的AOP异常; 嵌套异常是org.springframework.beans.factory.BeanCreationException:使用名称'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'创建bean时出错:无法在设置bean属性'accessDecisionManager时解析对bean'accessDecisionManager'的引用“; 嵌套异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:没有名为'accessDecisionManager'的bean在org.apache.catalina.core.StandardContext中定义org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723)$ 1 .call(java.lang.Thread.run处的StandardContext.java(未知源))引起的:org.springframework.aop.framework.AopConfigException:意外的AOP异常;嵌套的异常是org.springframework.beans.factory.BeanCreationException:创建错误名为'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'的bean:设置bean属性'accessDecisionManager'时无法解析对bean'accessDecisionManager'的引用;嵌套异常在... 19更多
我有spring security .xml
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-安全3.0.xsd“>
<global-method-security secured-annotations="enabled">
<!--
<protect-pointcut access="ROLE_ADMIN"
expression="execution(* com.sesami.common.management.web.controller.AdminController.*(..))" />
-->
</global-method-security>
<!-- URL pattern based security -->
<http auto-config="false" entry-point-ref="authenticationEntryPoint"
use-expressions="true">
<custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
<intercept-url access="hasRole('ROLE_ADMIN')" pattern="/common/admin/**" />
<intercept-url pattern="/common/accounting/**" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/common/billing/**" access="hasRole('ROLE_COMPANY')" />
<logout logout-success-url="/" logout-url="/logout"/>
</http>.........
在控制器中,我添加这样的
@Secure("ROLE_ADMIN")
@RequestMapping(value = "/common/admin/addAdmin", method = RequestMethod.GET)
public String add(ModelMap map) {
map.addAttribute(new Administrator());
return "/common/admin/addAdmin";
}
我是否需要配置或导入某个类?
Cannot resolve reference to bean 'accessDecisionManager' while setting bean property 'accessDecisionManager'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'accessDecisionManager' is defined
Spring应该为你创建一个默认的accessDecisionManager,但看起来没有发生,可能是由于一些配置问题。 只是踢脚本如果你在你的http配置中将auto-config设置为true,会发生什么?
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
你必须定义这个bean。
链接地址: http://www.djcxy.com/p/68763.html上一篇: how to add @secure annotation in spring security
下一篇: Spring 3.1: DataSource not autowired to @Configuration class