我在spring.start.io上使用spring boot
我有一个问题,我的视图(thymleaf)没有将sec:标记呈现为正确的html
我的pom.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>security</groupId>
<artifactId>demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>demo</name>
<description>Demo project for Spring Boot</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.6.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<thymeleaf.version>3.0.2.RELEASE</thymeleaf.version>
<thymeleaf-layout-dialect.version>2.2.0</thymeleaf-layout-dialect.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.modelmapper</groupId>
<artifactId>modelmapper</artifactId>
<version>1.1.0</version>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
我的百里香叶模板
<!DOCTYPE html>
<html lang="en"
xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<th:block th:replace="~{fragments/main-page-fragments:: htmlHeadTag}">
</th:block>
<body>
<th:block th:replace="~{fragments/main-page-fragments:: navBar}">
</th:block>
<h1>Home</h1>
<div sec:authentication="name"></div>
<div sec:authorize="hasRole('ROLE_ADMIN')">
Za Admina
</div>
<div sec:authorize="hasRole('ROLE_USER')">
Za user
</div>
<div sec:authentication="name"></div>
<div sec:authorize="hasRole('ADMIN')">
Za Admina
</div>
<div sec:authorize="hasRole('USER')">
Za user
</div>
<th:block th:replace="~{fragments/main-page-fragments:: bootstrapScripts}">
</th:block>
</body>
</html>
我究竟做错了什么?我甚至对角色进行了整合,我将链接到sec xml标签的正确依赖关联起来。
答案 0 :(得分:1)
我认为这是因为没有将Spring安全方言添加到TemplateEngine中。我不确定你是如何设置WebMvcConfig的,但作为一个例子:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.thymeleaf.extras.springsecurity4.dialect.SpringSecurityDialect;
import org.thymeleaf.spring4.SpringTemplateEngine;
import org.thymeleaf.spring4.view.ThymeleafViewResolver;
import org.thymeleaf.templateresolver.ClassLoaderTemplateResolver;
import org.thymeleaf.templateresolver.TemplateResolver;
import org.thymeleaf.templateresolver.UrlTemplateResolver;
@Configuration
@EnableScheduling
@EnableTransactionManagement
public class WebMvcConfig extends WebMvcConfigurerAdapter {
@Bean
public TemplateResolver templateResolver() {
TemplateResolver templateResolver = new ClassLoaderTemplateResolver();
templateResolver.setPrefix("views/");
templateResolver.setSuffix(".html");
templateResolver.setTemplateMode("HTML5");
templateResolver.setCacheable(false);
return templateResolver;
}
@Bean
public UrlTemplateResolver urlTemplateResolver() {
return new UrlTemplateResolver();
}
@Bean
public SpringTemplateEngine templateEngine() {
SpringTemplateEngine templateEngine = new SpringTemplateEngine();
templateEngine.addTemplateResolver(templateResolver());
templateEngine.addTemplateResolver(urlTemplateResolver());
templateEngine.addDialect(new SpringSecurityDialect());
return templateEngine;
}
@Bean
public ViewResolver thymeleafViewResolver() {
ThymeleafViewResolver vr = new ThymeleafViewResolver();
vr.setTemplateEngine(templateEngine());
vr.setCharacterEncoding("UTF-8");
vr.setOrder(Ordered.HIGHEST_PRECEDENCE);
return vr;
}
}
问候 玛丽安
@Edit: 我添加了WebMvcConfig的完整示例。对于此示例,Views将位于Resources / views中,但您可以根据需要进行设置。
答案 1 :(得分:1)
您不需要使用sec:扩展名进行简单的Spring Security集成。
取决于角色的条件阻止:
<div th:if="${#request.isUserInRole('ADMIN')}">
Za Admina
</div>
打印用户名:
<div th:text="${#request.userPrincipal.name}"></div>