I am new to Spring and have run into some difficulty configuring Spring Security rules.
Here are my rules:
<intercept-url pattern="/administration/**" access="ROLE_ADMINISTRATION" />
<intercept-url pattern="/programmation/**" access="ROLE_ADMINISTRATION, ROLE_SAISIE, ROLE_CONSULTATION" />
<intercept-url pattern="/programmation/validate" access="hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_SAISIE', 'ROLE_CONSULTATION') and hasAnyRole('ROLE_NATIONAL', 'ROLE_REGIONAL')" />
<intercept-url pattern="/restitution/**" access="ROLE_ADMINISTRATION, ROLE_RESTITUTION" />
<intercept-url pattern="/**" access="ROLE_ADMINISTRATION, ROLE_SAISIE, ROLE_CONSULTATION, ROLE_RESTITUTION" />
I have just added the third one, and when starting the server it produces an exception that, from my point of view, is very strange:
java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_CONSULTATION') and hasAnyRole('ROLE_NATIONAL', 'ROLE_REGIONAL'), 'ROLE_SAISIE']
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:156) [spring-security-core-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1612) [spring-beans-4.0.1.RELEASE.jar:4.0.1.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1549) [spring-beans-4.0.1.RELEASE.jar:4.0.1.RELEASE]
... 49 more
As you can see, it goes from
hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_SAISIE', 'ROLE_CONSULTATION') and hasAnyRole('ROLE_NATIONAL', 'ROLE_REGIONAL')
to
hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_CONSULTATION') and hasAnyRole('ROLE_NATIONAL', 'ROLE_REGIONAL'), 'ROLE_SAISIE'
I think there is some bad interaction between the rules, but I can't figure out what exactly is happening.
Answer 0 (score: 2)
Try setting the attribute use-expressions="true" on the parent <http> tag; it should look like this:
<http use-expressions="true">
<intercept-url pattern="/administration/**" access="ROLE_ADMINISTRATION" />
<intercept-url pattern="/programmation/**" access="ROLE_ADMINISTRATION, ROLE_SAISIE, ROLE_CONSULTATION" />
....
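An added example, not part of the original answer: the five rules from the question rewritten for `use-expressions="true"`, where every `access` value has to be an expression, and with `/programmation/validate` moved above `/programmation/**` because the first matching pattern wins. It assumes the Spring Security 3.2 namespace configuration seen in the stack trace and that the rest of the `<http>` element (login mechanism and so on) stays as it was.

```xml
<!-- Added example: fragment of the security namespace configuration.
     Assumption: the remaining children of <http> (login, logout, ...) are
     unchanged and omitted here. -->
<http use-expressions="true">
    <!-- Without use-expressions the access string is split on commas into
         plain attributes, which is why the expression came back in pieces
         in the "Unsupported configuration attributes" message. -->

    <intercept-url pattern="/administration/**"
                   access="hasRole('ROLE_ADMINISTRATION')" />

    <!-- Most specific pattern first: rules are checked in order and the
         first match decides. Placed after /programmation/**, this stricter
         rule would never be reached. -->
    <intercept-url pattern="/programmation/validate"
                   access="hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_SAISIE', 'ROLE_CONSULTATION') and hasAnyRole('ROLE_NATIONAL', 'ROLE_REGIONAL')" />

    <!-- A comma-separated role list in the old syntax becomes hasAnyRole(...). -->
    <intercept-url pattern="/programmation/**"
                   access="hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_SAISIE', 'ROLE_CONSULTATION')" />

    <intercept-url pattern="/restitution/**"
                   access="hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_RESTITUTION')" />

    <!-- Catch-all goes last. -->
    <intercept-url pattern="/**"
                   access="hasAnyRole('ROLE_ADMINISTRATION', 'ROLE_SAISIE', 'ROLE_CONSULTATION', 'ROLE_RESTITUTION')" />
</http>
```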