我正在将基于acegi的旧应用程序的安全性升级到spring-security。
我相信我已经为spring安全条目替换了所有acegi条目,但是当我尝试运行应用程序时,控制台中的第一个错误是:
org.springframework.beans.factory.CannotLoadBeanClassException: Cannot find class [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] for bean with name 'filterSecurityInterceptor' defined in class path resource [spring/spring-framework-security.xml]; nested exception is java.lang.ClassNotFoundException: org.springframework.security.web.access.intercept.FilterSecurityInterceptor
at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1352) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.determineTargetType(AbstractAutowireCapableBeanFactory.java:628) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:597) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1445) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doGetBeanNamesForType(DefaultListableBeanFactory.java:445) [spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:415) [spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:86) [spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:678) [spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.__refresh(AbstractApplicationContext.java:520) [spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java) [spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:446) [spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:328) [spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) [spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5077) [catalina.jar:7.0.67]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5591) [catalina.jar:7.0.67]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [catalina.jar:7.0.67]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1574) [catalina.jar:7.0.67]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1564) [catalina.jar:7.0.67]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_66]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_66]
spring/spring-framework-security.xml中此bean的定义是:
<bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager" />
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="objectDefinitionSource">
<ref local="databasePathBasedFilterInvocationDefinitionMap" />
</property>
</bean>
<bean id="databasePathBasedFilterInvocationDefinitionMap"
class="b.c.m.security.spring.utils.DatabasePathBasedFilterInvocationDefinitionMap" />
类本身定义为:
public class DatabasePathBasedFilterInvocationDefinitionMap {
private RoleMappingBusiness roleMappingBusiness;
private PathMatcher pathMatcher = new AntPathMatcher();
private boolean convertUrlToLowercaseBeforeComparison = false;
private boolean considerParameters = true;
public ConfigAttribute lookupAttributes(String url) {
if (!considerParameters) {
int firstQuestionMarkIndex = url.lastIndexOf("?");
if (firstQuestionMarkIndex != -1) {
url = url.substring(0, firstQuestionMarkIndex);
}
}
if (convertUrlToLowercaseBeforeComparison) {
url = url.toLowerCase();
}
List<RoleMapping> list = this.roleMappingBusiness.findAll();
Collections.sort(list);
for (RoleMapping roleMapping : list) {
boolean matched = pathMatcher.match(roleMapping.getUrl(), url);
if (matched) {
// String[] roles = roleMapping.getCsvRole().split(",");
// for (String role : roles) {
//// configAttr.addConfigAttribute(new SecurityConfig(role));
// }
ConfigAttribute configAttr = new SecurityConfig(roleMapping.getCsvRole().split(",").toString());
return configAttr;
}
}
return null;
}
@Autowired
public void setRoleMappingBusiness(RoleMappingBusiness roleMappingBusiness) {
this.roleMappingBusiness = roleMappingBusiness;
}
public Iterator getConfigAttributeDefinitions() {
return null;
}
public boolean isConvertUrlToLowercaseBeforeComparison() {
return convertUrlToLowercaseBeforeComparison;
}
public void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison) {
this.convertUrlToLowercaseBeforeComparison = convertUrlToLowercaseBeforeComparison;
}
public boolean isConsiderParameters() {
return considerParameters;
}
public void setConsiderParameters(boolean considerParameters) {
this.considerParameters = considerParameters;
}
}
我在这里缺少什么?