使用spring security

时间:2016-08-17 09:34:55

标签: spring spring-security servlet-filters

我正在尝试使用Spring安全性进行oauth身份验证的自定义过滤器下面的DelegatingFilterProxy是我的配置

Web.xml中

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">



<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>

<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Processes application requests -->
<servlet>
    <servlet-name>appServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/servlet-context.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>
<session-config>
    <session-timeout>30</session-timeout>
</session-config>
<servlet-mapping>
    <servlet-name>appServlet</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file>/index.html</welcome-file>
</welcome-file-list>
    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

servlet的context.xml中

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="
    http://www.springframework.org/schema/beans     
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/mvc 
    http://www.springframework.org/schema/mvc/spring-mvc.xsd
    http://www.springframework.org/schema/context 
    http://www.springframework.org/schema/context/spring-context.xsd
    http://www.springframework.org/schema/tx 
    http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
    http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security.xsd
    http://www.springframework.org/schema/security/oauth2 
     http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">

<!-- DispatcherServlet Context: defines this servlet's request-processing 
    infrastructure -->

<!-- Enables the Spring MVC @Controller programming model -->
<!-- <mvc:resources mapping="/" location="/index.html" /> -->
<mvc:resources mapping="/js/**" location="/assets/js/" />
<mvc:resources mapping="/css/**" location="/assets/css/" />
<mvc:resources mapping="/templates/**" location="/assets/templates/" />
<mvc:resources mapping="/lib/**" location="/assets/lib/" />
<mvc:resources mapping="/lib/css/**" location="/assets/lib/css/" />
<mvc:resources mapping="/lib/js/**" location="/assets/lib/js/" />
<mvc:resources mapping="/lib/fonts/**" location="/assets/lib/fonts/" />
<mvc:resources mapping="/img/**" location="/assets/img/" />
<mvc:annotation-driven />
<mvc:default-servlet-handler />

<sec:http pattern="/template/**" security="none"></sec:http>
<sec:http pattern="/css/**" security="none"></sec:http>
<sec:http pattern="/js/**" security="none"></sec:http>
<sec:http pattern="/lib/**" security="none"></sec:http>
<sec:http pattern="/lib/css/**" security="none"></sec:http>
<sec:http pattern="/lib/js/**" security="none"></sec:http>
<sec:http pattern="/lib/fonts/**" security="none"></sec:http>
<sec:http pattern="/img/**" security="none"></sec:http>
<sec:http entry-point-ref="oAuth2AuthenticationEntryPoint">
    <sec:anonymous enabled="false"></sec:anonymous>
    <sec:custom-filter ref="oAuth2Filter" after="SECURITY_CONTEXT_FILTER"></sec:custom-filter>
    <sec:intercept-url pattern="/**" access="ROLE_USER"></sec:intercept-url>
</sec:http>

<sec:authentication-manager alias="upmAuthenticationManager"></sec:authentication-manager>
<!-- Configure to plugin JSON as request and response in method handler -->
<bean
    class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
    <property name="messageConverters">
        <list>
            <ref bean="jsonMessageConverter" />
        </list>
    </property>
</bean>
<bean id="oAuth2AuthenticationEntryPoint" class="com.upm.oAuth.OAuthAuthenticationEntryPoint">
    <constructor-arg value="/index.html"></constructor-arg>
</bean>

<bean id="oAuthEnd" name="oAuthEnd" class="com.upm.oAuth.OAuthEndServlet">
    <property name="oAuth2Filter" ref="oAuth2Filter" />
</bean>

<bean id="oAuth2Filter" class="com.upm.oAuth.OAuth2Filter">
    <property name="clientID" value="xxx" />
    <property name="clientSecret" value="xxx" />
    <property name="serviceURL" value="https://" />
</bean>
<bean
    class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">

    <property name="location">
        <value>classpath:database.properties</value>
    </property>
</bean>

<!-- Configure bean to convert JSON to POJO and vice versa -->
<bean id="jsonMessageConverter"
    class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
</bean>

应用程序已成功部署并尝试访问以下URL。我得到了例外 http://localhost:8082/contex-path/index.htmlhttp://localhost:8082/contex-path

异常

INFO: Starting ProtocolHandler ["http-bio-8082"]
Exception in thread "http-bio-8082-exec-1" java.lang.StackOverflowError
at   org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:246)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)

有人可以帮我解决这个问题吗?

0 个答案:

没有答案