我觉得我正在服用疯狂的药片。在我的spring-security-context.xml中没有任何地方可以引用' customAuthenticationProvider'显示在下面的堆栈跟踪中。
有人可以帮我发现我的问题吗?
的web.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app metadata-complete="true" version="3.0" id="pss"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<!-- other stuff -->
<!-- Spring Security Configuration -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security-context.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- other stuff -->
</web-app>
弹簧安全context.xml中
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/api/mobile/**" filters="sif,customMobileSecurityFilter"/>
<sec:filter-chain pattern="/admin/**" filters="sif,customAdminSecurityFilter"/>
</sec:filter-chain-map>
</bean>
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="customMobileSecurityFilter" class="com.server.webapp.CustomAuthenticationProcessingFilter">
<property name="authenticationManager" ref="customAuthenticationManager"/>
<property name="authenticationSuccessHandler" ref="customAuthenticationSuccessHandler"/>
<property name="postOnly" value="false"/>
</bean>
<bean id="customAdminSecurityFilter" class="com.server.webapp.CustomAuthenticationProcessingFilter">
<property name="authenticationManager" ref="customAuthenticationManager"/>
<property name="authenticationSuccessHandler" ref="customAuthenticationSuccessHandler"/>
<property name="postOnly" value="false"/>
</bean>
<sec:authentication-manager alias="customAuthenticationManager">
<sec:authentication-provider ref="preAuthenticatedAuthenticationProvider" />
</sec:authentication-manager>
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"/>
</beans>
堆栈跟踪
2014-07-07 17:31:05 [localhost-startStop-1] ERROR o.s.web.context.ContextLoader - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot create inner bean '(inner bean)#170db745' of type [org.springframework.security.web.authentication.www.BasicAuthenticationFilter] while setting constructor argument with key [2]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#170db745': Cannot resolve reference to bean 'org.springframework.security.authentication.ProviderManager#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authentication.ProviderManager#0': Cannot resolve reference to bean 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': FactoryBean threw exception on object creation; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'customAuthenticationProvider' while setting constructor argument with key [0]; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'customAuthenticationProvider' is defined
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:336) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:108) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:359) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:157) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1456) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1197) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:537) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:304) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:300) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:195) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:684) ~[spring-beans-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:760) ~[spring-context-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:482) ~[spring-context-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:403) ~[spring-web-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:306) ~[spring-web-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:106) [spring-web-4.0.5.RELEASE.jar:4.0.5.RELEASE]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973) [catalina.jar:7.0.54]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467) [catalina.jar:7.0.54]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [catalina.jar:7.0.54]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) [catalina.jar:7.0.54]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) [catalina.jar:7.0.54]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [na:1.7.0_17]
at java.util.concurrent.FutureTask.run(FutureTask.java:166) [na:1.7.0_17]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_17]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_17]
at java.lang.Thread.run(Thread.java:722) [na:1.7.0_17]
提前致谢!
答案 0 :(得分:0)
我在一位同事的帮助下想到了这一点。菜鸟错误。
我正在更改的tomcat(web.xml)和spring security(spring-security-context.xml)配置文件保存在/ web / WEB-INF /文件夹中。
但是,在部署之前我没有意识到我们的ant构建脚本将/ tom /中的所有tomcat相关联。具体来说,web.xml和spring-security-context.xml被复制到/ build / WEB-INF /.
在重新部署tomcat之前,我没有运行ant构建脚本,因此使用了旧版本的配置文件,引用了customAuthenticationProvider。
在弄清楚之后,我也意识到我错过了customAuthenticationSuccessHandler bean的定义,并且没有在spring-security-context.xml中为我的AuthenticationProvider定义UserDetailsService。
以下是更正后的版本:
弹簧安全context.xml中
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/api/mobile/**" filters="sif,customMobileSecurityFilter"/>
<sec:filter-chain pattern="/admin/**" filters="sif,customAdminSecurityFilter"/>
</sec:filter-chain-map>
</bean>
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="customMobileSecurityFilter" class="com.server.webapp.CustomAuthenticationProcessingFilter">
<property name="authenticationManager" ref="customAuthenticationManager"/>
<property name="authenticationSuccessHandler" ref="customAuthenticationSuccessHandler"/>
</bean>
<bean id="customAdminSecurityFilter" class="com.server.webapp.CustomAuthenticationProcessingFilter">
<property name="authenticationManager" ref="customAuthenticationManager"/>
<property name="authenticationSuccessHandler" ref="customAuthenticationSuccessHandler"/>
</bean>
<bean id="customAuthenticationSuccessHandler" class="com.server.webapp.CustomAuthenticationSuccessHandler"/>
<sec:authentication-manager alias="customAuthenticationManager">
<sec:authentication-provider ref="preAuthenticatedAuthenticationProvider" />
</sec:authentication-manager>
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="customPreAuthenticatedUserDetailsService"/>
</bean>
<bean id="customPreAuthenticatedUserDetailsService" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
</beans>