JdbcMutableAclService - 事务必须正在运行

时间:2011-04-19 09:08:50

标签: java spring transactions spring-security acl

我正在尝试将spring security acl实现到项目中。在构建主配置部分并创建相应的数据库模式之后,我正在尝试创建一些ACE并让魔法发生。但我一遍又一遍地面对这个例外

java.lang.IllegalArgumentException: Transaction must be running
    org.springframework.util.Assert.isTrue(Assert.java:65)
    org.springframework.security.acls.jdbc.JdbcMutableAclService.createOrRetrieveSidPrimaryKey(JdbcMutableAclService.java:219)
    org.springframework.security.acls.jdbc.JdbcMutableAclService$1.setValues(JdbcMutableAclService.java:136)
    org.springframework.jdbc.core.JdbcTemplate$4.doInPreparedStatement(JdbcTemplate.java:892)
    org.springframework.jdbc.core.JdbcTemplate$4.doInPreparedStatement(JdbcTemplate.java:1)
    org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:586)
    org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:614)
    org.springframework.jdbc.core.JdbcTemplate.batchUpdate(JdbcTemplate.java:883)
    org.springframework.security.acls.jdbc.JdbcMutableAclService.createEntries(JdbcMutableAclService.java:123)
    org.springframework.security.acls.jdbc.JdbcMutableAclService.updateAcl(JdbcMutableAclService.java:314)

我的基本配置部分

<bean id="dataSource"
    class="org.apache.commons.dbcp.BasicDataSource"
    destroy-method="close" >
    <property name="driverClassName" value="${core.db.driverClassName}" />
    <property name="url" value="${core.db.jdbcUrl}" />
    <property name="username" value="${core.db.user}" />
    <property name="password" value="${core.db.password}" />
</bean>

<bean id="aclCache"
    class="org.springframework.security.acls.domain.EhCacheBasedAclCache">
    <constructor-arg>
        <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
            <property name="cacheManager">
                <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
            </property>
            <property name="cacheName" value="aclCache" />
        </bean>
    </constructor-arg>
</bean>

<bean id="auditLogger"
    class="org.springframework.security.acls.domain.ConsoleAuditLogger" />

<bean id="aclAuthorizationStrategy"
    class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
    <constructor-arg name="auths">
        <list>
            <bean
                class="org.springframework.security.core.authority.GrantedAuthorityImpl">
                <constructor-arg value="ACL_ADMIN" />
            </bean>
            <bean
                class="org.springframework.security.core.authority.GrantedAuthorityImpl">
                <constructor-arg value="ACL_ADMIN" />
            </bean>
            <bean
                class="org.springframework.security.core.authority.GrantedAuthorityImpl">
                <constructor-arg value="ACL_ADMIN" />
            </bean>
        </list>
    </constructor-arg>
</bean>

<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
    <constructor-arg name="dataSource" ref="dataSource"/>
    <constructor-arg name="aclCache" ref="aclCache"/>
    <constructor-arg name="aclAuthorizationStrategy" ref="aclAuthorizationStrategy"/>
    <constructor-arg name="auditLogger" ref="auditLogger"/>
</bean>

<bean id="aclService"
    class="org.springframework.security.acls.jdbc.JdbcMutableAclService" >
    <constructor-arg name="dataSource" ref="dataSource" />
    <constructor-arg name="lookupStrategy" ref="lookupStrategy" />
    <constructor-arg name="aclCache" ref="aclCache" />
    <property name="sidIdentityQuery" value="SELECT id FROM acl_sid" />
    <property name="classIdentityQuery" value="SELECT id FROM acl_class" />
</bean>

<bean id="jdbcTransactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
    <property name="dataSource" ref="dataSource"></property>
</bean>

<bean id="txProxyTemplate" abstract="true" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"> 
    <property name="transactionManager"><ref local="jdbcTransactionManager"/></property> 
    <property name="target"><ref local="aclService" /></property> 
    <property name="transactionAttributes"> 
        <props> 
            <prop key="create*">PROPAGATION_REQUIRED</prop> 
            <prop key="update*">PROPAGATION_REQUIRED</prop> 
            <prop key="delete*">PROPAGATION_REQUIRED</prop> 
        </props> 
    </property> 
</bean>

似乎我遗漏了一些东西,因为事务应该通过TransactionProxy处于活动状态。

以这种方式在控制器中访问服务

...
ObjectIdentity oi = new ObjectIdentityImpl(X.class, vm.hashCode());
Sid sid = new PrincipalSid(userDn);
Permission p = BasePermission.READ;

// Create or update the relevant ACL
MutableAcl acl = null;
try {
    acl = (MutableAcl) aclService.readAclById(oi);
} catch (NotFoundException nfe) {
    acl = aclService.createAcl(oi);
}

// Now grant some permissions via an access control entry (ACE)
acl.insertAce(acl.getEntries().size(), p, sid, true);
aclService.updateAcl(acl);
...

3 个答案:

答案 0 :(得分:8)

尝试使用事务模板覆盖调用aclService方法:

TransactionTemplate tt = new TransactionTemplate(transactionManager);
    tt.execute(new TransactionCallbackWithoutResult() {
        @Override
        protected void doInTransactionWithoutResult(TransactionStatus status) {
            ObjectIdentity oid = new ObjectId
            entityImpl(clazz.getCanonicalName(), securedObject.getId());
                // your aclService operation here: 
                aclService.deleteAcl(oid, true);            
        }
    });

答案 1 :(得分:5)

您提到的错误只发生在acl_sid表中不存在sid并且由Spring ACL自动插入时。尝试手动添加行,然后重新运行代码。这对我有用。

参考http://forum.springsource.org/showthread.php?55490-ACL-Transaction-must-be-running

答案 2 :(得分:0)

上述方法或服务(包含该方法)的@Transactional注释可以解决此问题。

相关问题
最新问题