我正在尝试将Spring Security Application从2.0.4迁移到3.0。我相应地更新了必要的标签。但我面临错误
我的config.xml如下所示
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<security:http entry-point-ref="authenticationEntryPoint"
access-denied-page="/pages/accessDenied">
<security:intercept-url pattern="/resources/**" filters="none"/>
<security:intercept-url pattern="/includes/**" filters="none" />
<security:intercept-url pattern="/styles/**" filters="none" />
<security:intercept-url pattern="/images/**" filters="none" />
<security:intercept-url pattern="/help**" filters="none" />
<security:intercept-url pattern="/pages/layouts/**" filters="none" />
<security:intercept-url pattern="/pages/sessionExpired" filters="none" />
<security:intercept-url pattern="/pages/accessDenied" filters="none" />
<security:intercept-url pattern="/pages/error" filters="none" />
<security:intercept-url pattern="/pages/public/**" filters="none" />
<security:intercept-url pattern="/pages/login" filters="none"/>
<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:logout logout-url="/logout"
invalidate-session="true"
logout-success-url="${logoutSuccessUrl}"/>
<security:session-management>
<security:concurrency-control
error-if-maximum-exceeded="false" max-sessions="500"
expired-url="/pages/sessionExpired"></security:concurrency-control>
</security:session-management>
<security:custom-filter ref="cflf" position="FORM_LOGIN_FILTER"/>
<security:custom-filter ref="supf" position="SWITCH_USER_FILTER" />
<security:custom-filter ref="preAuthFilter" position="PRE_AUTH_FILTER"/>
<security:custom-filter ref="etf" before="EXCEPTION_TRANSLATION_FILTER"/>
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="customAuthenticationProvider"/>
<security:authentication-provider ref="preAuthenticatedAuthenticationProvider"/>
<security:authentication-provider ref="preauthAuthProvider"/>
</security:authentication-manager>
<bean id="cflf"
class="org.springframework.security.web.authentication.AuthenticationProcessingFilter" >
<property name="authenticationSuccessHandler" ref="successHandler" />
<property name="authenticationFailureHandler" ref="failureHandler"/>
<property name="authenticationManager" ref="customAuthenticationManager" />
<property name="allowSessionCreation" value="true" />
</bean>
<bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" >
<property name="defaultFailureUrl" value="/pages/login?login_error=true" />
</bean>
<bean id="successHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" >
<property name="defaultTargetUrl" value="/pages/index" /> <!-- which is the default value -->
</bean><bean id="customAuthenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="preAuthenticatedAuthenticationProvider" />
<ref local="customAuthenticationProvider" />
</list>
</property>
</bean><bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
<property name="loginFormUrl" value="/pages/login" />
</bean><bean id="supf"
class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" >
<property name="userDetailsService" ref="userDetailsService" />
<property name="switchUserUrl" value="/j_spring_security_switch_user" />
<property name="exitUserUrl" value="/j_spring_security_exit_user" />
<property name="switchFailureUrl" value="/pages/error" />
<property name="targetUrl" value="/" />
</bean><bean id="userDetailsService"
class="com.demo.myapp.client.AuthorizationUserDetailsService">
<property name="myappService" ref="myappService"/>
<property name="userListingService" ref="userListingService"/>
<property name="allowTestingRole" value="${allowTestingRole}"/>
<property name="allowUnknownUser" value="${allowUnknownUser}"/>
</bean><bean id="userListingService"
class="com.demo.myapp.client.UserListingService" />
<bean id="myappService" class="com.demo.myapp.ws.myappServiceImpl">
<property name="applicationName" value="${applicationName}" />
<property name="prefix" value="${rolePrefix}" />
<property name="myappWebServiceTemplate">
<bean class="com.demo.myapp.ws.WebServiceTemplateFactory"
factory-method="createmyappWebServiceTemplate">
<constructor-arg value="${myappWebServiceUri}" />
</bean>
</property>
</bean>
<bean id="customAuthenticationProvider"
class="com.demo.myapp.client.CustomAuthenticationProvider"><property name="userDetailsService" ref="userDetailsService"/>
</bean><bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" />
</bean><bean id="preAuthFilter"
class="com.demo.myapp.filter.CustomRequestHeaderPreAuthenticatedProcessingFilter">
<property name="continueFilterChainOnUnsuccessfulAuthentication" value="${continueIfPreauthFails}"/>
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationDetailsSource" ref="authenticationDetailsSource" />
</bean><bean id="preAuthenticatedProcessingFilterEntryPoint"
class=" org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" /><bean id="preAuthenticatedUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="userDetailsService"/>
</bean><bean id="authenticationDetailsSource" class="org.springframework.security.authentication.AuthenticationDetailsSourceImpl">
<property name="clazz" value="com.demo.myapp.client.WssoWebAuthenticationDetails"/>
</bean> <bean id="preauthAuthProvider"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
</bean> <bean id="etf"
class=" org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint" />
<property name="accessDeniedHandler">
<bean class="com.demo.myapp.handler.AccessDeniedHandlerImpl">
<property name="externalErrorPage" value="${externalAccessDeniedPage}"/>
<property name="errorPage" value="/pages/accessDenied"/>
</bean>
</property>
<property name="throwableAnalyzer">
<bean class="com.demo.myapp.handler.CustomThrowableAnalyzer"/>
</property>
</bean>
</beans>
我的AccessDeniedHandlerImpl文件包含以下代码段
public void handle(HttpServletRequest request, HttpServletResponse response,AccessDeniedException accessDeniedException) throws IOException, ServletException {
if ( (externalErrorPage != null) && (cookieName != null)&&!doesCookieExist((HttpServletRequest)request)) ) {
((HttpServletRequest) request).setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY, accessDeniedException);
((HttpServletResponse)response).sendRedirect(externalErrorPage);
}
else
super.handle(request, response, accessDeniedException);
}
但是当我运行应用程序时,我面临这个问题:
]] Root cause of ServletException.
java.lang.IllegalArgumentException: Unable to load class 'org.springframework.security.AccessDeniedException'
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.toClass(FlowModelFlowBuilder.java:960)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseTransitionExecutingExceptionHandler(FlowModelFlowBuilder.java:764)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseTransitionExecutingExceptionHandlers(FlowModelFlowBuilder.java:752)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseExceptionHandlers(FlowModelFlowBuilder.java:733)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseAndAddViewState(FlowModelFlowBuilder.java:549)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.buildStates(FlowModelFlowBuilder.java:206)
at org.springframework.webflow.engine.builder.FlowAssembler.directAssembly(FlowAssembler.java:106)
at org.springframework.webflow.engine.builder.FlowAssembler.assembleFlow(FlowAssembler.java:91)
at org.springframework.webflow.engine.builder.DefaultFlowHolder.assembleFlow(DefaultFlowHolder.java:109)
at org.springframework.webflow.engine.builder.DefaultFlowHolder.getFlowDefinition(DefaultFlowHolder.java:84)
at org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl.getFlowDefinition(FlowDefinitionRegistryImpl.java:61)
at org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:138)
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:647)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
我错的任何想法?
提前致谢!
答案 0 :(得分:0)
“org.springframework.security.AccessDeniedException”类转换为“org.springframework.security.access.AccessDeniedException”。所以它无法加载课程。