Spring Security error with the access-denied-handler tag

Time: 2014-03-28 14:38:27

Tags: spring spring-security access-denied

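I have added the access-denied-handler tag so that my application redirects to a specific page when it handles an AccessDeniedException, but I get an error:

Configuration problem: Failed to import bean definitions from relative location [pgm-security-cas.xml] Offending resource: class path resource [spring/pgm-servlet.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 92 in XML document from class path resource [spring/pgm-security-cas.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'sec:access-denied-handler'. One of '{"http://www.springframework.org/schema/security":intercept-url}' is expected.

Here is my XML: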

<bean id="fsi"
    class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
    <property name="securityMetadataSource">
        <sec:filter-invocation-definition-source use-expressions="true">
            <sec:intercept-url pattern="/manageboxes" access="hasRole('A_READ_USER')" />
            <sec:access-denied-handler error-page="/accessDeniedPage" />
        </sec:filter-invocation-definition-source>
    </property>
</bean>

Does anyone know what the problem is?

The definition of the filterChainProxy is:

<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
    <sec:filter-chain-map request-matcher="ant">
        <sec:filter-chain pattern="/xhtml/login/invalidLogin.xhtml*" filters="none" />
        <sec:filter-chain pattern="/j_spring_security_logout"
            filters="logoutFilter,fsi" />
        <sec:filter-chain pattern="/javax.faces.resource/*"
            filters="none" />
        <sec:filter-chain pattern="/**"
            filters="casAuthenticationFilter, casValidationFilter, wrappingFilter, sif, j2eePreAuthFilter, logoutFilter, fsi" />
    </sec:filter-chain-map>
</bean>

1 answer:

Answer 0: (score: 0)

<access-denied-handler> cannot be placed inside <filter-invocation-definition-source>. You have to create an exceptionTranslator

<bean id="exceptionTranslator"
    class="org.springframework.security.web.access.ExceptionTranslationFilter">
    <property name="authenticationEntryPoint">
        <bean class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
            p:loginFormUrl="/login" />
    </property>
    <property name="accessDeniedHandler">
        <bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl"
            p:errorPage="/accessDenied" />
    </property>
</bean>

and wire it into the filterChainProxy

<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
    <sec:filter-chain-map request-matcher="ant">
        <sec:filter-chain pattern="/**"
            filters="casAuthenticationFilter, casValidationFilter, wrappingFilter, sif, j2eePreAuthFilter, logoutFilter,
            exceptionTranslator,
            fsi" />
    </sec:filter-chain-map>
</bean>
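A configuration check for the wiring described in the answer, as an added example that is not part of the original post: it parses a bean file and reports every filter chain in which a FilterSecurityInterceptor bean is not preceded by an ExceptionTranslationFilter bean, since in such a chain an AccessDeniedException never reaches the configured access-denied handler. The function name `unguarded_chains`, the reduced sample XML and the `example.LogoutFilter` class are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

BEANS = "http://www.springframework.org/schema/beans"
SEC = "http://www.springframework.org/schema/security"
ETF = "org.springframework.security.web.access.ExceptionTranslationFilter"
FSI = "org.springframework.security.web.access.intercept.FilterSecurityInterceptor"

# Constructed sample, reduced from the configuration shown on this page.
SAMPLE = f"""<beans xmlns="{BEANS}" xmlns:sec="{SEC}">
  <bean id="exceptionTranslator" class="{ETF}"/>
  <bean id="fsi" class="{FSI}"/>
  <bean id="logoutFilter" class="example.LogoutFilter"/>
  <bean id="springSecurityFilterChain"
        class="org.springframework.security.web.FilterChainProxy">
    <sec:filter-chain-map request-matcher="ant">
      <sec:filter-chain pattern="/j_spring_security_logout" filters="logoutFilter,fsi"/>
      <sec:filter-chain pattern="/javax.faces.resource/*" filters="none"/>
      <sec:filter-chain pattern="/**" filters="logoutFilter,
          exceptionTranslator,
          fsi"/>
    </sec:filter-chain-map>
  </bean>
</beans>"""


def unguarded_chains(xml_text):
    """Return the patterns of filter chains whose FilterSecurityInterceptor
    has no ExceptionTranslationFilter earlier in the same chain."""
    root = ET.fromstring(xml_text)
    # Map bean id -> class so filter names can be resolved to their type.
    classes = {b.get("id"): b.get("class")
               for b in root.iter(f"{{{BEANS}}}bean") if b.get("id")}
    findings = []
    for chain in root.iter(f"{{{SEC}}}filter-chain"):
        names = [n.strip() for n in chain.get("filters", "").split(",") if n.strip()]
        kinds = [classes.get(n) for n in names]  # "none" resolves to None
        if FSI not in kinds:
            continue  # no authorization filter in this chain, nothing to translate
        if ETF not in kinds[:kinds.index(FSI)]:
            findings.append(chain.get("pattern"))
    return findings


if __name__ == "__main__":
    for pattern in unguarded_chains(SAMPLE):
        print("no ExceptionTranslationFilter before the interceptor:", pattern)
```

On the sample, the `/j_spring_security_logout` chain is reported because it lists `fsi` without `exceptionTranslator`, while the `/**` chain passes.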