身份验证在春天不起作用

时间:2014-01-18 17:47:49

标签: java spring spring-security

我在春季安全方面很新。我想使用spring安全功能。我正在使用以下代码。

我的security.xml看起来像这样

<http auto-config="true"  use-expressions="true">
        <intercept-url pattern="/css/**" filters="none" />
        <intercept-url pattern="/sign/**" access="isAnonymous()"/>
<!--         <intercept-url pattern="/signin" access="ROLE_USER" /> -->
        <intercept-url pattern="/singout" access="permitAll" />
        <intercept-url pattern="/accessdenied" access="permitAll" />
        <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
        <form-login login-page="/signin" default-target-url="/home" authentication-failure-url="/signin" />
        <logout logout-success-url="/logout" />
    </http>

     <authentication-manager>  
            <authentication-provider user-service-ref="userLoginService">  
                <password-encoder hash="plaintext"/>  
<!--            <user-service> -->
<!--                <user name="mkyong" password="123456" authorities="ROLE_USER" /> -->
<!--            </user-service> -->
            </authentication-provider>  
        </authentication-manager> 

用户登录服务代码如下所示.....

public class UserLoginService implements UserDetailsService {

    @Autowired
    IDaoSupport loginDao;

    public void setLoginDao(IDaoSupport loginDao) {
        this.loginDao = loginDao;
    }

    public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
        List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
        return authList;
    }

    public List<String> getRoles(Integer role) {

        List<String> roles = new ArrayList<String>();

        if (role.intValue() == 1) {
            roles.add("ROLE_MODERATOR");
            roles.add("ROLE_ADMIN");
            roles.add("ROLE_USER");
        } else if (role.intValue() == 2) {
            roles.add("ROLE_MODERATOR");
        }
        return roles;
    }

    public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

        for (String role : roles) {


            authorities.add(new SimpleGrantedAuthority(role));

        }
        return authorities;
    }

    @Override
    public UserDetails loadUserByUsername(String email)
            throws UsernameNotFoundException {

        Person person = loginDao.findByProp(Person.class, "loginId", email);
        return new User(person.getLoginId(), person.getPassword(), getAuthorities(1));
    }
}

web.xml看起来像这样......

<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

但是当我使用这段代码时,我会得到以下代码。

.service() for servlet [rrank] in context with path [/sample] threw exception [Filter execution threw an exception] with root cause
java.lang.NoSuchMethodError: org.springframework.security.authentication.AnonymousAuthenticationToken.<init>(Ljava/lang/String;Ljava/lang/Object;Ljava/util/List;)V
    at org.
某人可以告诉我这段代码中有什么不对。

1 个答案:

答案 0 :(得分:2)

Spring框架lib版本与spring security lib版本不匹配。

您可以从MAVEN REPOSITARY SPRING SECURITY

中选择匹配的版本 祝你好运