添加Remember Me功能会引发异常

时间:2013-01-22 10:40:21

标签: spring spring-security

我有以下弹簧安全配置。

 <beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">


<!-- For S2OAuth endpoints -->
<http   pattern="/oauth/token" 
        create-session="stateless" 
        authentication-manager-ref="clientAuthenticationManager" 
        entry-point-ref="oauthAuthenticationEntryPoint"
        xmlns="http://www.springframework.org/schema/security">
    <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    <anonymous enabled="false" />
    <http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
    <!-- include this only if you need to authenticate clients via request parameters -->
    <custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
</http>

<http use-expressions="true">
    <!-- Authentication policy -->
    <form-login login-page="/signin" login-processing-url="/signin/authenticate" authentication-failure-url="/signin?error=1" />
    <logout logout-url="/signout" delete-cookies="JSESSIONID" />
    <!-- Authorization policy definition: TODO consider replacing with @Secured on @Controllers -->
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/favicon.ico" access="permitAll" />
    <intercept-url pattern="/members/**" access="permitAll" />
    <intercept-url pattern="/groups/**" access="permitAll" />
    <intercept-url pattern="/pubsub/**" access="permitAll" />
    <intercept-url pattern="/resources/**" access="permitAll" />
    <intercept-url pattern="/signup" access="permitAll" requires-channel="#{environment['application.secureChannel']}" />   
    <intercept-url pattern="/signin" access="permitAll" requires-channel="#{environment['application.secureChannel']}" />
    <intercept-url pattern="/signin/*" access="permitAll" requires-channel="#{environment['application.secureChannel']}" />
    <intercept-url pattern="/reset" access="permitAll" requires-channel="#{environment['application.secureChannel']}" />
    <!-- TODO this would probably be better mapped to simply /invite?token={token} but not able to vary security policy here based on presence of a request parameter.  Consider @Secured on @Controller. -->               
    <intercept-url pattern="/invite/accept" access="permitAll" requires-channel="#{environment['application.secureChannel']}" />
    <!-- TODO this should be restricted to admin users only -->
    <intercept-url pattern="/admin/**" access="permitAll" />           
    <intercept-url pattern="/**" access="isAuthenticated()" requires-channel="#{environment['application.secureChannel']}" />
    <custom-filter ref="resourceServerFilter" before="EXCEPTION_TRANSLATION_FILTER" />
</http>

<authentication-manager alias="authenticationManager">
    <authentication-provider ref="usernamePasswordAuthenticationProvider" />
</authentication-manager>

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans">
    <constructor-arg>
        <list>
            <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
            <bean class="org.springframework.security.access.vote.RoleVoter" />
            <bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
        </list>
    </constructor-arg>
</bean>

<!-- Remember Me -->
<http>
  <remember-me services-ref="rememberMeServices" key="myRememberMeKey" />
</http>

<bean id="jdbcRememberMeRepository" class="com.springsource.greenhouse.rememberme.JdbcRememberMeRepository" xmlns="http://www.springframework.org/schema/beans"/>
<bean id="coreUserDetailsService" class="com.springsource.greenhouse.rememberme.CoreUserDetailsService" xmlns="http://www.springframework.org/schema/beans"/>

<bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices" xmlns="http://www.springframework.org/schema/beans">
  <property name="tokenRepository" ref="jdbcRememberMeRepository" />
  <property name="userDetailsService" ref="coreUserDetailsService" />
  <property name="key" value="myRememberMeKey" />
  <property name="alwaysRemember" value="true" />
</bean>


<!-- For S2OAuth endpoints -->
<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>

<beans:bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <beans:constructor-arg ref="clientDetails" />
</beans:bean>

<beans:bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <beans:property name="realmName" value="greenhouseApi" />
</beans:bean>


<beans:import resource="security-oauth-provider.xml" />
</beans:beans>

我收到以下异常。

Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
    org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: No AuthenticationEntryPoint could be established. Please make sure you have a login mechanism configured through the namespace (such as form-login) or specify a custom AuthenticationEntryPoint with the 'entry-point-ref' attribute 
Offending resource: class path resource [com/springsource/greenhouse/config/security.xml]
at org.springframework.beans.factory.parsing.FailFastProblemReporter.error(FailFastProblemReporter.java:68)
...

我是春天安全的新手。我不知道这个例外的原因。

1 个答案:

答案 0 :(得分:1)

您无法将记住我的声明添加到新的空http 元素中。使用其他已存在的 http 元素,其中已配置了身份验证入口点(例如,通过 form-login 元素):

<http use-expressions="true">
    <!-- Authentication policy -->
    <form-login login-page="/signin" login-processing-url="/signin/authenticate" authentication-failure-url="/signin?error=1" />
    <remember-me services-ref="rememberMeServices" key="myRememberMeKey" />
    ...
<http/>