我的 Spring 2.5.6 的应用程序使用 JDK 1.6 运行。我更改为 4.3.6 版本以使用 JDK 1.8 。
已经改变了一些方法和导入......
没有更多的编译错误。
但是当我尝试使用Jetty启动应用程序时,我收到以下错误:
[WARNING] Nested in org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from URL location [classpath:spring-security-config.xml]
Offending resource: class path resource [beanRefFacory.xml]; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 18 in XML document from class path resource [spring-security-config.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 18; columnNumber: 58; cvc-complex-type.2.4.c: O curinga correspondente é restrito, mas nenhuma declaração pode ser encontrada para o elemento 'security:http'.:
org.xml.sax.SAXParseException; lineNumber: 18; columnNumber: 58; cvc-complex-type.2.4.c: O curinga correspondente é restrito, mas nenhuma declaração pode ser encontrada para o elemento 'security:http'.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:198)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:134)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:437)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:368)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:325)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:458)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3237)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1917)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:746)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:379)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2786)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:117)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:243)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:347)
at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:76)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadDocument(XmlBeanDefinitionReader.java:429)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:391)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.importBeanDefinitionResource(DefaultBeanDefinitionDocumentReader.java:227)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseDefaultElement(DefaultBeanDefinitionDocumentReader.java:184)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:169)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.doRegisterBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:142)
at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:94)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:508)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:392)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:336)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:304)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:181)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:217)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:188)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:129)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:613)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:514)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:444)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:326)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107)
at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:136)
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250)
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467)
at org.mortbay.jetty.plugin.Jetty6PluginWebAppContext.doStart(Jetty6PluginWebAppContext.java:115)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.plugin.Jetty6PluginServer.start(Jetty6PluginServer.java:132)
at org.mortbay.jetty.plugin.AbstractJettyMojo.startJetty(AbstractJettyMojo.java:441)
at org.mortbay.jetty.plugin.AbstractJettyMojo.execute(AbstractJettyMojo.java:383)
at org.mortbay.jetty.plugin.AbstractJettyRunMojo.execute(AbstractJettyRunMojo.java:210)
at org.mortbay.jetty.plugin.Jetty6RunMojo.execute(Jetty6RunMojo.java:184)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:207)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
有人可以帮我这个吗?
编辑: 这是我的 spring-security-config.xml (在迁移期间未更改):
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:lang="http://www.springframework.org/schema/lang" xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util" xmlns:camel="http://activemq.apache.org/camel/schema/spring"
xmlns:jee="http://www.springframework.org/schema/jee" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://activemq.apache.org/camel/schema/spring http://activemq.apache.org/camel/schema/spring/camel-spring.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd">
<security:http entry-point-ref="myAuthenticationEntryPoint"
auto-config="false" session-fixation-protection="none">
<security:intercept-url pattern="/login.iface"
filters="none" />
<security:intercept-url pattern="/img/**"
filters="none" />
<security:intercept-url pattern="/css/**"
filters="none" />
<security:intercept-url pattern="/scripts/**"
filters="none" />
<security:intercept-url pattern="/app/**"
access="IS_AUTHENTICATED_FULLY" />
<!-- <security:form-login login-page="/login.iface" default-target-url="/app/index.iface"
authentication-failure-url="/login.iface?login_error=true" /> -->
<security:logout logout-success-url="/login.jspx" />
</security:http>
<!-- Utilize 192.168.236.111 quando for testar local <security:ldap-server
url="${SOME.PROPERTY}" id="LDAPServer" /> -->
<bean id="memcachedLogin"
class="br.com.tpd.cac.thinkcat.memcached.MemCachedResourcesImpl">
<constructor-arg value="${SOME.PROPERTY}" />
<property name="timetoSet" value="${SOME.PROPERTY}" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
</bean>
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
<bean id="poolingContextSource"
class="org.springframework.ldap.pool.factory.PoolingContextSource"
destroy-method="close">
<property name="contextSource" ref="contextSource" />
<property name="dirContextValidator" ref="dirContextValidator" />
<property name="minIdle" value="${SOME.PROPERTY}" />
<property name="maxIdle" value="${SOME.PROPERTY}" />
<property name="maxActive" value="${SOME.PROPERTY}" />
<property name="maxTotal" value="${SOME.PROPERTY}" />
<property name="maxWait" value="${SOME.PROPERTY}" />
<property name="testOnBorrow" value="${SOME.PROPERTY}" />
<property name="testWhileIdle" value="${SOME.PROPERTY}" />
<property name="timeBetweenEvictionRunsMillis"
value="${SOME.PROPERTY}" />
<property name="minEvictableIdleTimeMillis"
value="${SOME.PROPERTY}" />
<property name="numTestsPerEvictionRun"
value="${SOME.PROPERTY}" />
</bean>
<bean id="dirContextValidator"
class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
<bean id="ldapAuthProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
<security:custom-authentication-provider />
<constructor-arg>
<bean
class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<!-- <list><value>uid={0},ou=people,dc=portalsigres,dc=com</value></list> -->
<list>
<value>${SOME.PROPERTY}</value>
</list>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean id="ThinkCATWebLdapUserDetails" class="br.com.tpd.cac.thinkcat.security.ldap.LdapUserDetails">
<constructor-arg ref="contextSource" />
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
</constructor-arg>
</bean>
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<!-- LDAP TEMPLATE -->
<bean id="LDAPTemplateContext" class="net.sf.ldaptemplate.support.LdapContextSource">
<property name="url" value="${SOME.PROPERTY}" />
<property name="base" value="${SOME.PROPERTY}" />
<property name="userName" value="${SOME.PROPERTY}" />
<property name="password" value="${SOME.PROPERTY}" />
<property name="dirObjectFactory"
value="org.springframework.ldap.core.support.DefaultDirObjectFactory" />
<!-- Dont use sun ldap pool. Use poolContextSource instead -->
<property name="pooled" value="false" />
</bean>
<bean id="ldapTemplate" class="net.sf.ldaptemplate.LdapTemplate">
<constructor-arg ref="LDAPTemplateContext" />
</bean>
<bean id="sessionRegistry"
class="org.springframework.security.concurrent.SessionRegistryImpl" />
<bean id="defaultConcurrentSessionController"
class="br.com.tpd.cac.thinkcat.security.acesso.DMConcurrentSessionController">
<property name="sessionRegistry" ref="sessionRegistry" />
<property name="exceptionIfMaximumExceeded" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="ldapAuthProvider" />
</list>
</property>
<property name="sessionController" ref="defaultConcurrentSessionController" />
</bean>
<bean id="sucessfulAuthenticationCallbackImpl"
class="br.com.tpd.cac.thinkcat.security.acesso.SuccessfulAuthenticationCallbackImpl">
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="myAuthenticationEntryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.iface" />
</bean>
<bean id="authenticationProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.DMAuthenticationProcessingFilter">
<security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
<property name="defaultTargetUrl" value="/app/index.iface" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/login.iface?login_error=true" />
<property name="allowSessionCreation" value="true" />
<property name="callback" ref="sucessfulAuthenticationCallbackImpl" />
<property name="rememberMeServices" ref="rememberMeServices" />
</bean>
<bean id="rememberMeAuthenticationManager"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthenticationManager">
<property name="providers">
<list>
<ref local="ldapAuthProvider" />
</list>
</property>
</bean>
<bean id="rememberMeProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthFilter">
<security:custom-filter position="REMEMBER_ME_FILTER" />
<property name="authenticationManager" ref="rememberMeAuthenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices" />
<property name="cache" ref="memcachedLogin" />
<property name="bloqueioMultiploAcesso" value="${SOME.PROPERTY}" />
</bean>
<bean id="pdrUserDetails"
class="br.com.tpd.cac.thinkcat.security.ldap.PDRUserDetailsService" />
<bean id="rememberMeServices"
class="br.com.tpd.cac.thinkcat.security.acesso.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="pdrUserDetails" />
<property name="key" value="DM_REMEMBERME_KEY" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<security:custom-authentication-provider />
<property name="key" value="whatever" />
</bean>
</beans>
答案 0 :(得分:0)
这是您的http元素:
<security:http entry-point-ref="myAuthenticationEntryPoint"
auto-config="false" session-fixation-protection="none">
在现代Spring Security版本(4.x)中session-fixation-attribute不再由http支持;相反,它是在session-management:https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/appendix-namespace.html#nsa-session-management-attributes
以下是它的外观:
<security:http entry-point-ref="myAuthenticationEntryPoint"
auto-config="false">
<security:session-management session-fixation-protection="none"/>
... the rest
这只是部分答案。如果您有其他问题,请更新问题。
我已经使用了你的XML,现在Spring Security能够解析它。这是我得到的:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:lang="http://www.springframework.org/schema/lang" xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util" xmlns:camel="http://activemq.apache.org/camel/schema/spring"
xmlns:jee="http://www.springframework.org/schema/jee" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://activemq.apache.org/camel/schema/spring http://activemq.apache.org/camel/schema/spring/camel-spring.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd">
<security:http pattern="/login.iface" security="none" />
<security:http pattern="/img/**" security="none" />
<security:http pattern="/css/**" security="none" />
<security:http pattern="/scripts/**" security="none" />
<security:http entry-point-ref="myAuthenticationEntryPoint"
auto-config="false">
<security:session-management session-fixation-protection="none"/>
<security:intercept-url pattern="/app/**"
access="IS_AUTHENTICATED_FULLY" />
<!-- <security:form-login login-page="/login.iface" default-target-url="/app/index.iface"
authentication-failure-url="/login.iface?login_error=true" /> -->
<security:logout logout-success-url="/login.jspx" />
<security:custom-filter ref="authenticationProcessingFilter" position="FORM_LOGIN_FILTER"/>
<security:custom-filter ref="rememberMeProcessingFilter" position="REMEMBER_ME_FILTER" />
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="ldapAuthProvider"/>
<security:authentication-provider ref="rememberMeAuthenticationProvider" />
</security:authentication-manager>
<!-- Utilize 192.168.236.111 quando for testar local <security:ldap-server
url="${SOME.PROPERTY}" id="LDAPServer" /> -->
<!--
<bean id="memcachedLogin"
class="br.com.tpd.cac.thinkcat.memcached.MemCachedResourcesImpl">
<constructor-arg value="${SOME.PROPERTY}" />
<property name="timetoSet" value="${SOME.PROPERTY}" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
</bean>
-->
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
<bean id="poolingContextSource"
class="org.springframework.ldap.pool.factory.PoolingContextSource"
destroy-method="close">
<property name="contextSource" ref="contextSource" />
<property name="dirContextValidator" ref="dirContextValidator" />
<property name="minIdle" value="${SOME.PROPERTY}" />
<property name="maxIdle" value="${SOME.PROPERTY}" />
<property name="maxActive" value="${SOME.PROPERTY}" />
<property name="maxTotal" value="${SOME.PROPERTY}" />
<property name="maxWait" value="${SOME.PROPERTY}" />
<property name="testOnBorrow" value="${SOME.PROPERTY}" />
<property name="testWhileIdle" value="${SOME.PROPERTY}" />
<property name="timeBetweenEvictionRunsMillis"
value="${SOME.PROPERTY}" />
<property name="minEvictableIdleTimeMillis"
value="${SOME.PROPERTY}" />
<property name="numTestsPerEvictionRun"
value="${SOME.PROPERTY}" />
</bean>
<bean id="dirContextValidator"
class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
<bean id="ldapAuthProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<!-- <list><value>uid={0},ou=people,dc=portalsigres,dc=com</value></list> -->
<list>
<value>${SOME.PROPERTY}</value>
</list>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean id="ThinkCATWebLdapUserDetails" class="br.com.tpd.cac.thinkcat.security.ldap.LdapUserDetails">
<constructor-arg ref="contextSource" />
<constructor-arg value="${SOME.PROPERTY}" />
</bean>
</constructor-arg>
</bean>
<!-- ************************************************************* *** Customized
LDAP Security Authentication/Authorization *** ************************************************************* -->
<!-- LDAP TEMPLATE -->
<bean id="LDAPTemplateContext" class="net.sf.ldaptemplate.support.LdapContextSource">
<property name="url" value="${SOME.PROPERTY}" />
<property name="base" value="${SOME.PROPERTY}" />
<property name="userName" value="${SOME.PROPERTY}" />
<property name="password" value="${SOME.PROPERTY}" />
<property name="dirObjectFactory"
value="org.springframework.ldap.core.support.DefaultDirObjectFactory" />
<!-- Dont use sun ldap pool. Use poolContextSource instead -->
<property name="pooled" value="false" />
</bean>
<bean id="ldapTemplate" class="net.sf.ldaptemplate.LdapTemplate">
<constructor-arg ref="LDAPTemplateContext" />
</bean>
<bean id="sessionRegistry"
class="org.springframework.security.concurrent.SessionRegistryImpl" />
<bean id="defaultConcurrentSessionController"
class="br.com.tpd.cac.thinkcat.security.acesso.DMConcurrentSessionController">
<property name="sessionRegistry" ref="sessionRegistry" />
<property name="exceptionIfMaximumExceeded" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="ldapAuthProvider" />
</list>
</property>
<property name="sessionController" ref="defaultConcurrentSessionController" />
</bean>
<bean id="sucessfulAuthenticationCallbackImpl"
class="br.com.tpd.cac.thinkcat.security.acesso.SuccessfulAuthenticationCallbackImpl">
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="myAuthenticationEntryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.iface" />
</bean>
<bean id="authenticationProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.DMAuthenticationProcessingFilter">
<property name="defaultTargetUrl" value="/app/index.iface" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/login.iface?login_error=true" />
<property name="allowSessionCreation" value="true" />
<property name="callback" ref="sucessfulAuthenticationCallbackImpl" />
<property name="rememberMeServices" ref="rememberMeServices" />
</bean>
<bean id="rememberMeAuthenticationManager"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthenticationManager">
<property name="providers">
<list>
<ref bean="ldapAuthProvider" />
</list>
</property>
</bean>
<bean id="rememberMeProcessingFilter"
class="br.com.tpd.cac.thinkcat.security.acesso.RememberMeAuthFilter">
<property name="authenticationManager" ref="rememberMeAuthenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices" />
<property name="cache" ref="memcachedLogin" />
<property name="bloqueioMultiploAcesso" value="${SOME.PROPERTY}" />
</bean>
<bean id="pdrUserDetails"
class="br.com.tpd.cac.thinkcat.security.ldap.PDRUserDetailsService" />
<bean id="rememberMeServices"
class="br.com.tpd.cac.thinkcat.security.acesso.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="pdrUserDetails" />
<property name="key" value="DM_REMEMBERME_KEY" />
<property name="sessionTimeout" value="${SOME.PROPERTY}" />
<property name="cache" ref="memcachedLogin" />
</bean>
<bean id="rememberMeAuthenticationProvider"
class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
<property name="key" value="whatever" />
</bean>
</beans>
我改变了什么:
<ref>:将local替换为bean属性session-fixation-protection(如上所述)<custom-authentication-provider>元素AUTHENTICATION_PROCESSING_FILTER重命名为FORM_LOGIN_FILTER <custom-filter>元素<intercept-url> filters="none"删除了它,并添加了<http>元素security="none"(这是推荐的方式)RememberMeAuthenticationProvider 这是由Spring成功解析的。上下文启动失败,因为它找不到我没有的自定义类(br.com.tpd.cac.thinkcat.security.acesso.TokenBasedRememberMeServices)。它可能需要进一步的工作,但至少它不会再出现一个神秘的错误信息。
还有一件事:我使用Spring Security 3.1.4来玩它,而不是Spring 4.3.x,因为我今天只是花时间。所以这又是一个部分答案,我写下来希望它会对你有帮助。