无法在Spring Security 3.05中自定义用户服务

时间:2012-04-09 05:00:30

标签: spring-security

请帮助解决Spring Security 3.05和Tomcat7.0中出现的以下错误。我是Spring安全的新手,并使用以下教程: 使用Spring Security的简单Web应用程序:http://heraclitusonsoftware.wordpress.com/software-development/spring/simple-web-application-with-spring-security-part-6/

这是错误:

SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'daoAuthenticationProvider' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'org.springframework.security.core.userdetails.memory.InMemoryDaoImpl' to required type 'org.springframework.security.userdetails.UserDetailsService' for property 'userDetailsService'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.springframework.security.core.userdetails.memory.InMemoryDaoImpl] to required type [org.springframework.security.userdetails.UserDetailsService] for property 'userDetailsService': no matching editors or conversion strategy found
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:527)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:563)
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:872)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:423)
    at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723)
    at org.apache.catalina.core.StandardContext$1.call(StandardContext.java:5226)
    at org.apache.catalina.core.StandardContext$1.call(StandardContext.java:5221)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at java.lang.Thread.run(Thread.java:722)
Caused by: org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'org.springframework.security.core.userdetails.memory.InMemoryDaoImpl' to required type 'org.springframework.security.userdetails.UserDetailsService' for property 'userDetailsService'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.springframework.security.core.userdetails.memory.InMemoryDaoImpl] to required type [org.springframework.security.userdetails.UserDetailsService] for property 'userDetailsService': no matching editors or conversion strategy found
    at org.springframework.beans.BeanWrapperImpl.convertForProperty(BeanWrapperImpl.java:471)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.convertForProperty(AbstractAutowireCapableBeanFactory.java:1363)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1322)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1076)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    ... 19 more
Caused by: java.lang.IllegalStateException: Cannot convert value of type [org.springframework.security.core.userdetails.memory.InMemoryDaoImpl] to required type [org.springframework.security.userdetails.UserDetailsService] for property 'userDetailsService': no matching editors or conversion strategy found
    at org.springframework.beans.TypeConverterDelegate.convertIfNecessary(TypeConverterDelegate.java:291)
    at org.springframework.beans.TypeConverterDelegate.convertIfNecessary(TypeConverterDelegate.java:155)
    at org.springframework.beans.BeanWrapperImpl.convertForProperty(BeanWrapperImpl.java:461)
    ... 23 more

我的春季安全配置,如下所示:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
                    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                    http://www.springframework.org/schema/security 
                    http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <!--<global-method-security secured-annotations="disabled">
    </global-method-security>

<http auto-config="true">
        <intercept-url pattern="/login.jsp" filters="none" />
            <intercept-url pattern="/**" access="ROLE_USER" />
        <form-login login-page="/login.jsp" 
                default-target-url="/home.htm" always-use-default-target="false" 
                authentication-failure-url="/login.jsp?authfailed=true"/>
            <logout invalidate-session="true" logout-url="/logout.htm"
                logout-success-url="/login.jsp?loggedout=true"/>
    <session-management session-fixation-protection="newSession">
        <concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
    </session-management>

    </http>
<authentication-manager>
    <authentication-provider>
        <user-service id="userDetailsService">
            <user name="username" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
            <user name="test" password="test" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
        </authentication-manager>-->
        <beans:bean id="sessionRegistry"
        class="org.springframework.security.concurrent.SessionRegistryImpl" />

    <beans:bean id="defaultConcurrentSessionController"
        class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
        <beans:property name="sessionRegistry" ref="sessionRegistry" />
        <beans:property name="exceptionIfMaximumExceeded"
            value="true" />
    </beans:bean>

    <beans:bean id="daoAuthenticationProvider"
        class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
        <beans:property name="userDetailsService" ref="userDetailsService" />
        <beans:property name="hideUserNotFoundExceptions"
            value="false" />
    </beans:bean>

    <beans:bean id="authenticationManager"
        class="org.springframework.security.providers.ProviderManager">
        <beans:property name="providers">
            <beans:list>
                <beans:ref local="daoAuthenticationProvider" />
            </beans:list>
        </beans:property>
        <beans:property name="sessionController"
            ref="defaultConcurrentSessionController" />
    </beans:bean>

    <beans:bean id="customAuthenticationProcessingFilter"
        class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
        <beans:property name="defaultTargetUrl" value="/home.htm" />
        <beans:property name="authenticationManager" ref="authenticationManager" />
        <beans:property name="authenticationFailureUrl" value="/login.jsp?authfailed=true" />
        <beans:property name="allowSessionCreation" value="true" />
    </beans:bean>

    <global-method-security secured-annotations="disabled">
    </global-method-security>

    <beans:bean id="myAuthenticationEntryPoint"
        class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
        <beans:property name="loginFormUrl" value="/login.jsp" />
    </beans:bean>

    <http entry-point-ref="myAuthenticationEntryPoint" auto-config="false">
        <intercept-url pattern="/login.jsp" filters="none" />
        <intercept-url pattern="/admin.htm" access="ROLE_ADMIN" />
        <intercept-url pattern="/**" access="ROLE_USER" />
        <logout invalidate-session="true" logout-url="/logout.htm"
            logout-success-url="/login.jsp?loggedout=true" />

                            <custom-filter position="FORM_LOGIN_FILTER" 
                            ref="customAuthenticationProcessingFilter"/>
    </http>
        <authentication-manager>
            <authentication-provider>
                            <user-service id="userDetailsService">
                                    <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
                                    <user name="username" password="password" authorities="ROLE_USER" />
                                    <user name="test" password="test" authorities="ROLE_USER" />
                            </user-service>
                    </authentication-provider>
        </authentication-manager>

</beans:beans>

此致 纳齐尔

1 个答案:

答案 0 :(得分:1)

org.springframework.security.userdetails.UserDetailsService来自Spring Security 2.x,在Spring Security 3.x中,其名称为org.springframework.security.core.userdetails.UserDetailsService

因此,您在类路径中有一些Spring Security 2.x jar。