启用@EnableGlobalMethodSecurity后,Hibernate无法再获取会话

时间:2015-11-22 00:05:27

标签: java spring hibernate spring-mvc spring-security

我正在尝试为Spring Web应用程序实现基于ACL的授权。一旦我将@EnableGlobalMethodSecurity(prePostEnabled = true)注释添加到我的安全配置类,Hibernate事务会话处理就会中断,每当我尝试保存一个对象时,我得到:Could not obtain transaction-synchronized Session for current thread。我怀疑我错误配置了与ACL缓存相关的内容,因为当我从配置中删除相关方法时(同时仍然使用@EnableGlobalMethodSecurity(prePostEnabled = true)注释我的类),问题也会消失。这些是我配置中的相关方法:

@Bean
public RoleHierarchyImpl roleHierarchy() {
    RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
    roleHierarchy.setHierarchy("ROLE_ADMINISTRATOR > ROLE_MONITOR > ROLE_USER");
    return roleHierarchy;
}

/**
 * ACL audit logger (print ACL audits to console)
 * @return
 */

@Bean
ConsoleAuditLogger auditLogger(){
    return new ConsoleAuditLogger();
}

/**
 * Caches ACL permissions to reduce database load
 * @return AclCache
 */

@Bean
SpringCacheBasedAclCache aclCache(){
    PermissionGrantingStrategy permissionGrantingStrategy =
            new DefaultPermissionGrantingStrategy(auditLogger());


    return new SpringCacheBasedAclCache(cacheManager().getCache("aclCache"), permissionGrantingStrategy, aclAuthorizationStrategy());
}

@Bean
public CacheManager cacheManager() {
    return new EhCacheCacheManager(ehCacheCacheManager().getObject());
}

/**
 * Cache manager factory to create the cached based on the settings in "/WEB-INF/ehcache.xml"
 * @return EhCacheManagerFactoryBean
 */

@Bean
public EhCacheManagerFactoryBean ehCacheCacheManager() {
    EhCacheManagerFactoryBean cmfb = new EhCacheManagerFactoryBean();
    cmfb.setConfigLocation(new ServletContextResource(servletContext, "/WEB-INF/ehcache.xml"));
    cmfb.setShared(true);
    return cmfb;
}


@Bean
AclAuthorizationStrategyImpl aclAuthorizationStrategy(){
    return new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_ADMINISTRATOR"), new SimpleGrantedAuthority("ROLE_ADMINISTRATOR"), new SimpleGrantedAuthority("ROLE_ADMINISTRATOR"));
}

@Bean
AclPermissionEvaluator permissionEvaluator() {
    return new AclPermissionEvaluator(aclService());
}

@Bean
JdbcMutableAclService aclService() {
    return new JdbcMutableAclService(dataSource, lookupStrategy(), aclCache());
}

@Bean
BasicLookupStrategy lookupStrategy(){
    return new BasicLookupStrategy(dataSource, aclCache(), aclAuthorizationStrategy(), auditLogger());
}

/**
 * Returns an expression handler based upon the specified role hierarchy and permission evaluator
 * @return
 */

@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
    DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
    expressionHandler.setPermissionEvaluator(permissionEvaluator());
    expressionHandler.setRoleHierarchy(roleHierarchy());
    return expressionHandler;
}

我使用的是Spring 4.2.2,Hibernate Entitymanager 5.0.3和Spring Security 4.0.3。这个血腥的东西一直困扰着我好几个小时,我找不到解决办法。我在这里缺少什么想法?

干杯, 扬

0 个答案:

没有答案
相关问题
最新问题