"在SecurityContext"中找不到Authentication对象。使用@secured方法时

时间:2017-07-19 08:58:25

标签: java spring spring-mvc spring-security mybatis

我是Java开发的新手,我正在尝试使用@secured注释在方法级别实现spring安全性。

当我打电话给我的" / login"我收到以下错误:

"An Authentication object was not found in the SecurityContext"

PS:我没有使用.jsp文件进行登录,知道如何管理此错误吗?

这是我的代码部分。

@Controller
@RequestMapping("/login")
public class LoginController {
@Autowired
public IUserService userService;
@RequestMapping(method = RequestMethod.GET)
public String success(ModelMap map) {       
    userService.addUser("ram", "con1234");
    userService.deleteUser("ABC");
    map.addAttribute("msg", "Done Successfully");
    return "success";
    }  
}

public interface IUserService {
@Secured ({"ROLE_USER", "ROLE_ADMIN"})
public void addUser(String name, String pwd);
@Secured("ROLE_ADMIN")
public void deleteUser(String name);
}


@Repository 
public class UserServiceSec implements IUserService {

@Override
public void addUser(String name, String pwd) {
    System.out.println("user added");
}
@Override
public void deleteUser(String name) {
    System.out.println("user deleted");
}

}

的web.xml 

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee      http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>EQUADIS</display-name>
<welcome-file-list>
    <welcome-file>/login</welcome-file>
</welcome-file-list>
<servlet>
    <servlet-name>dispatcher</servlet-name>
    <servlet- class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring-config.xml
        /WEB-INF/security-config.xml
        </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

安全-config.xml的

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans- 3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">

<http auto-config="true">
    <intercept-url pattern="/login" access="ROLE_USER,ROLE_ADMIN" />
    <logout logout-success-url="/login" />
</http>

<authentication-manager>
  <authentication-provider>
   <user-service>
    <user name="ram" password="con1234" authorities="ROLE_ADMIN" />
    <user name="rahim" password="con1234" authorities="ROLE_USER" />
  </user-service>
  </authentication-provider>
</authentication-manager>

<global-method-security secured-annotations="enabled" />
<beans:bean name="userServiceSec"    class="package.service.UserServiceSec"/>

1 个答案:

答案 0 :(得分:0)

您的web.xml中似乎没有DelegatingFilterProxy过滤器。你需要有以下内容; 

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
相关问题
最新问题