我对sec :: authorize遇到问题,它不起作用。我几乎尝试了一切。
这是我的项目中的示例:
<div sec:authorize="isAuthenticated()">
<form action="logmeout" th:action="@{/logmeout}" method="post" id="form1"></form>
<button type="submit" form="form1" value="Submit">Wyloguj</button>
</div>
<div sec:authorize="isAnonymous()">
<form action="logmeout" th:action="@{/logmeout}" method="post" id="form2"></form>
<button type="submit" form="form2" value="Submit">Zaloguj</button>
</div>
Sec:authorize始终为true,并且所有形式均可见。
我的pom文件:
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>nz.net.ultraq.thymeleaf</groupId>
<artifactId>thymeleaf-layout-dialect</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity3</artifactId>
<version>2.1.2.RELEASE</version>
</dependency>
<dependency>
<groupId>com.opencsv</groupId>
<artifactId>opencsv</artifactId>
<version>4.4</version>
</dependency>
</dependencies>
<build>
<finalName>springApp</finalName>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
和SecurityConfig:
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder() {
PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
return passwordEncoder;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
String[] staticResources = {
"/css/**",
"/img/**",
"/fonts/**",
"/scripts/**",
};
http
.authorizeRequests()
.antMatchers(staticResources).permitAll()
.antMatchers("/").permitAll()
.antMatchers("/register").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/loginform")
.permitAll()
.loginProcessingUrl("/processlogin")
.permitAll()
.usernameParameter("user")
.passwordParameter("pass")
.and()
.logout()
.logoutUrl("/logmeout")
.logoutSuccessUrl("/logoutservice")
.permitAll();
}
}
当我尝试添加时:
<div th:text="${#authentication.name}">
我看到评估SpringEL表达式“#authentication.name”的错误异常。 我该如何处理?
答案 0 :(得分:1)
大多数情况与您的依赖项和相关版本有关。我假设您的spring-boot version
是 2.1.X ,那么您应该使用以下依赖项:
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
在this这样的问题中也对此有所说明。