对不起,如果这个问题已经得到解答 - 我已经找到了一些常见的问题答案,例如使用和没有xmlns:bean声明,但我得到的东西似乎不同......所以这是我的xml文件:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<beans:bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" />
<global-method-security pre-post-annotations="enabled" />
<beans:bean id="authMessageHandler" class="xxx.AuthenticationMessageHandler" />
<!-- **************************** -->
<!-- Security configuration for REST services. -->
<http pattern="/consultants/**"
authentication-manager-ref="authenticationManager" entry-point-ref="restServicesEntryPoint"
create-session="stateless">
<custom-filter ref="restServicesFilter"
before="PRE_AUTH_FILTER" />
</http>
<!-- Entry point for REST service. -->
<beans:bean id="restServicesEntryPoint" class="xxx.RestAuthenticationEntryPoint" />
<!-- Filter for REST services. -->
<beans:bean id="restServicesFilter" class="xxx.RestUsernamePasswordAuthenticationFilter">
<property name="postOnly" value="false" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="restServicesSuccessHandler" />
</beans:bean>
<!-- A handler for successful REST service authentication. -->
<beans:bean id="restServicesSuccessHandler" class="xxx.RestAuthenticationSuccessHandler" />
<!-- **************************** -->
<http access-denied-page="/public/auth/denied.html" use-expressions="true" auto-config="false">
<!--Define our custom login page-->
<form-login login-page="/auth/login"
default-target-url="/main"
always-use-default-target="true"
authentication-failure-handler-ref="authMessageHandler" />
<session-management invalid-session-url="/auth/invalid-session"></session-management>
<!-- Not logged in only have access to the login pages. -->
<intercept-url pattern=
<!-- stuff -->
/>
<logout logout-success-url="/auth/login" invalidate-session="false" />
</http>
星号之间的东西是我添加到已经工作的xml中,我在问题标题中提到了3个错误:
<property name="postOnly" value="false" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="restServicesSuccessHandler" />
我不明白为什么。我可以就这里发生的事情得到任何建议吗?
答案 0 :(得分:1)
你的根元素有
xmlns="http://www.springframework.org/schema/security"
因此这些元素:
<property name="postOnly" value="false" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="restServicesSuccessHandler" />
位于http://www.springframework.org/schema/security名称空间中,它们应位于http://www.springframework.org/schema/beans名称空间中。你需要使用
<beans:property name="postOnly" value="false" />
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationSuccessHandler" ref="restServicesSuccessHandler" />
代替。