由于跨平台限制,我试图在spring security中外化过滤器链。虽然当我将过滤器列表指定为字符串文字时效果很好,但如果我尝试使用PropertyPlaceHolderConfigurer将过滤器字符串移出到属性文件中,请使用以下代码:
<security:filter-chain pattern="/**/*auth=kerberos*"
filters="${kerberosFilters}"/>
我收到以下错误消息:
Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource
[config/common/security/spring-security.xml]:
Cannot resolve reference to bean 'httpSessionContextIntegrationFilter,logoutFilter,spnegoAuthenticationProcessingFilter,securityContextHolderAwareRequestFilter,spnegoExceptionTranslationFilter,filterSecurityInterceptor'
while setting bean property 'filterChainMap' with key [/**/*auth=kerberos*] with key [0];
nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException:
No bean named
'httpSessionContextIntegrationFilter,logoutFilter,spnegoAuthenticationProcessingFilter,securityContextHolderAwareRequestFilter,spnegoExceptionTranslationFilter,filterSecurityInterceptor'
is defined
看起来从属性文件中读取时,Spring正试图将整个字符串视为单个bean名称。
有没有办法解决这个问题,还是Spring框架的限制?
答案 0 :(得分:0)
我想知道这样的事情会起作用吗? (这是未经测试的。)
<property name="filterList">
<list ref="${kerberosFilters}"/>
</property>