在Spring Security 3.05中配置并发时出错

时间:2012-04-09 18:08:12

标签: spring security spring-security

在Spring Security 3.05中配置并发时出现以下错误。我正在使用Tomcat 7.我已经遵循了Spring Security文档,无法理解为什么会出现此错误。

SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Cannot resolve reference to bean 'concurrencyFilter' while setting bean property 'filterChainMap' with key [/**] with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'concurrencyFilter' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'java.lang.String' to required type 'org.springframework.security.core.session.SessionRegistry' for property 'sessionRegistry'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [java.lang.String] to required type [org.springframework.security.core.session.SessionRegistry] for property 'sessionRegistry': no matching editors or conversion strategy found
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedMap(BeanDefinitionValueResolver.java:378)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:161)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:293)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:290)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:192)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:585)
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
    at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:282)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:204)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723)
    at org.apache.catalina.core.StandardContext$1.call(StandardContext.java:5226)
    at org.apache.catalina.core.StandardContext$1.call(StandardContext.java:5221)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at java.lang.Thread.run(Thread.java:722)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'concurrencyFilter' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'java.lang.String' to required type 'org.springframework.security.core.session.SessionRegistry' for property 'sessionRegistry'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [java.lang.String] to required type [org.springframework.security.core.session.SessionRegistry] for property 'sessionRegistry': no matching editors or conversion strategy found
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:527)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:293)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:290)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:192)
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
    ... 27 more
Caused by: org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'java.lang.String' to required type 'org.springframework.security.core.session.SessionRegistry' for property 'sessionRegistry'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [java.lang.String] to required type [org.springframework.security.core.session.SessionRegistry] for property 'sessionRegistry': no matching editors or conversion strategy found
    at org.springframework.beans.BeanWrapperImpl.convertIfNecessary(BeanWrapperImpl.java:481)
    at org.springframework.beans.BeanWrapperImpl.convertForProperty(BeanWrapperImpl.java:518)
    at org.springframework.beans.BeanWrapperImpl.convertForProperty(BeanWrapperImpl.java:512)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.convertForProperty(AbstractAutowireCapableBeanFactory.java:1371)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1330)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    ... 33 more
Caused by: java.lang.IllegalStateException: Cannot convert value of type [java.lang.String] to required type [org.springframework.security.core.session.SessionRegistry] for property 'sessionRegistry': no matching editors or conversion strategy found
    at org.springframework.beans.TypeConverterDelegate.convertIfNecessary(TypeConverterDelegate.java:233)
    at org.springframework.beans.BeanWrapperImpl.convertIfNecessary(BeanWrapperImpl.java:466)
    ... 39 more

这是我的spring安全配置文件:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
  xmlns:beans="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <http auto-config="false" use-expressions="true"
        access-denied-page="/jsp/accessDenied.jsp" 
        entry-point-ref="authenticationEntryPoint">
        <intercept-url pattern="/login.jsp" filters="none" />
            <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
        <logout invalidate-session="true" logout-url="/logout.htm"
                logout-success-url="/login.jsp?loggedout=true"/>
            <custom-filter ref="authenticationFilter" 
                position="FORM_LOGIN_FILTER"/>
            <custom-filter ref="concurrencyFilter" 
                position="CONCURRENT_SESSION_FILTER"/>
  <!--          <security:custom-filter ref="singleEntryFilter"
                after="CONCURRENT_SESSION_FILTER"/> --> 
            <session-management session-authentication-strategy-ref="sas"/> 
    </http>
 <!--   <bean id="singleEntryFilter" 
        class="SingleEntryFilter"
        p:redirectURI="/login.jsp">
            <property name="guardURI">
                <list>
                    <value>/jsp</value>
                </list>    
            </property>  
    </bean> -->
    <beans:bean id="authenticationFilter" 
        class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
           <beans:property name="sessionAuthenticationStrategy-ref" value="sas"/>
            <beans:property name="authenticationManager-ref" value="authenticationManager"/>
            <beans:property name="authenticationFailureHandler-ref" value="customAuthenticationFailureHandler"/>
            <beans:property name="authenticationSuccessHandler-ref" value="customAuthenticationSuccessHandler"/> 
    </beans:bean>
    <beans:bean id="customAuthenticationFailureHandler"
        class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
        <beans:property name="defaultFailureUrl" value="/login.jsp?authfailed=true"/>
    </beans:bean>    
    <beans:bean id="customAuthenticationSuccessHandler"
        class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
            <beans:property name="defaultTargetUrl" value="/index.jsp" />
    </beans:bean>
    <beans:bean id="authenticationEntryPoint"  
        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">   
        <beans:property name="loginFormUrl" value="/login.jsp"/> 
    </beans:bean>

    <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDetailsService">
            <password-encoder ref="passwordEncoder"/>
        </authentication-provider>
    </authentication-manager>
    <beans:bean class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"
            id="passwordEncoder"/>
    <user-service id="userDetailsService">
            <user name="username" password="ee11cbb19052e40b07aac0ca060c23ee"
                authorities="ROLE_USER, ROLE_ADMIN" />
            <user name="test" password="21232f297a57a5a743894a0e4a801fc3"
                authorities="ROLE_USER" />
    </user-service>
    <beans:bean id="concurrencyFilter" 
        class="org.springframework.security.web.session.ConcurrentSessionFilter">
        <beans:property name="sessionRegistry" value="sessionRegistry"/>    
        <beans:property name="expiredUrl" value="/login.jsp?loggedout=true" />
    </beans:bean>
    <beans:bean id="sas" 
        class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
        <beans:property name="maximumSessions" value="1" />    
        <beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" />
    </beans:bean>
    <beans:bean id="sessionRegistry" 
        class="org.springframework.security.core.session.SessionRegistryImpl" /> 
</beans:beans>

1 个答案:

答案 0 :(得分:3)

我认为错误消息非常具有描述性:

  

在[...] org.springframework.beans中定义名为'concurrencyFilter'的bean时出错。 ConversionNotSupportedException :无法转换类型的属性值'java.lang.String' property'sessionRegistry '所需的类型'org.springframework.security.core.session。 SessionRegistry ';嵌套异常是java.lang.IllegalStateException:无法将类型[java.lang.String]的值转换为属性'sessionRegistry'所需的类型[org.springframework.security.core.session.SessionRegistry]:找不到匹配的编辑器或转换策略

看起来你所要做的就是改变:

<beans:property name="sessionRegistry" value="sessionRegistry"/> 

为:

<beans:property name="sessionRegistry" ref="sessionRegistry"/>