spring-security-samples-preauth-xml示例无法运行

时间:2015-05-07 11:32:48

标签: java xml spring spring-security

项目: https://github.com/spring-projects/spring-security/tree/master/samples/preauth-xml

当尝试运行上面的项目时,我得到以下异常:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#ec8a0ac': Cannot resolve reference to bean 'fsi' while setting constructor argument with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'fsi' defined in ServletContext resource [/WEB-INF/applicationContext-security.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ROLE_USER, ROLE_SUPERVISOR, ROLE_USER]

与错误相关的XML代码:

<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
        <property name="securityMetadataSource">
            <sec:filter-security-metadata-source>
                <sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
                <sec:intercept-url pattern="/secure/**" access="ROLE_USER"/>
                <sec:intercept-url pattern="/**" access="ROLE_USER"/>
            </sec:filter-security-metadata-source>
        </property>
    </bean>

尝试在tomcat 6和7上运行它,发生同样的错误。任何提示或帮助将不胜感激。感谢。

2 个答案:

答案 0 :(得分:2)

示例未正确迁移到Spring Security 4.我记录了一个错误(SEC-2966)和fixed it。问题是默认情况下Spring Security 4中的use-expression属性被更改为true。所以我们需要明确地将其声明为false:

<sec:filter-security-metadata-source use-expressions="false">
    <sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
    <sec:intercept-url pattern="/secure/**" access="ROLE_USER"/>
    <sec:intercept-url pattern="/**" access="ROLE_USER"/>
</sec:filter-security-metadata-source>

答案 1 :(得分:0)

是的,这是我面临的问题。但是我使用了uses-expressions =“true”并更改了access =“hasAnyRole('ROLE_USER')”,它不起作用并得到了同样的错误。

我认为当你改变使用hasAnyRole或hasRole的访问权限时,使用use-expressions =“true”应该有效。它对我不起作用。

当我更改use-expressions =“false”然后访问=“ROLE_USER”

时,它有效

奇怪..

谢谢Rob