授权查询的结果集无效

时间:2011-11-17 13:45:55

标签: java flex spring-security

我必须连接第三方工具才能获得授权,该工具称为我的客户使用的超人。不确定这是内部还是购买。我使用Spring安全性进行身份验证,通过在JDBC服务外部提供查询来完成用户。执行特定于此工具的授权查询时,出现以下错误:

"Authentication event AuthenticationFailureServiceExceptionEvent: liseol; 
details: null; 
exception: PreparedStatementCallback; 
invalid ResultSet access for SQL [SELECT id_fonction_if AS functions 
FROM superman.AUTORISATIONS, superman.INCLUS_FONCTIONS 
WHERE id_grp_de_fonctions_a=id_grp_de_fonctions_if 
AND id_domaine_if =id_domaine_a 
AND id_application_if =id_application_a 
AND id_domaine_a ='SI' 
AND id_application_a ='PAN' 
AND no_emp_a =(select emp_no from sigsi.employes 
where upper(emp_logon)= upper(?))]; 
nested exception is java.sql.SQLException: 
Index de colonne non valide" (Column index is invalid).

以下是我的安全配置文件详细信息  

</security:global-method-security>

<security:http auto-config="true">
  <security:intercept-url pattern="PanierSIG.html"/>
  <security:intercept-url pattern="/**/*.swf"/>
  <security:intercept-url pattern="/**" />
</security:http>



<security:authentication-manager alias="_authenticationManager">
    <security:authentication-provider>
       <security:password-encoder hash="plaintext"/>
       <security:jdbc-user-service data-source-ref="dataSource"
                        users-by-username-query="select LOGON,PASSWORD,CATALOGUE from sigpan.UTILISATEURS where LOGON = ?" 
                        authorities-by-username-query="SELECT id_fonction_if AS functions
                        FROM superman.AUTORISATIONS, superman.INCLUS_FONCTIONS
                        WHERE id_grp_de_fonctions_a=id_grp_de_fonctions_if
                        AND id_domaine_if          =id_domaine_a
                        AND id_application_if      =id_application_a
                        AND id_domaine_a           ='SI'
                        AND id_application_a       ='PAN'
                        AND no_emp_a =(select emp_no from sigsi.employes where upper(emp_logon)= upper(?))"/>

                        <!--
                        group-authorities-by-username-query="select g.id, g.group_name, ga.authority from groups g, group_members gm, group_authorities ga where gm.username = ? and g.id = ga.group_id and g.id = gm.group_id"
                        -->
    </security:authentication-provider>
</security:authentication-manager>

<!-- Automatically receives AuthenticationEvent messages -->
<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>

我想补充说我的项目是基于flex的java。 Flex 4,Java 5,Spring 3.0.5。 Release和Spring Secuirty 3.1.0.M1。

1 个答案:

答案 0 :(得分:0)

“列索引无效”与JDDC ResultSet上的IndexOutOfBoundsException相当。 spring框架显然希望你的权限 - 用户名 - 查询返回多个列。

我不熟悉Spring框架,但是在基于JAAS的JBOSSAS内置安全性中,看起来非常类似于上面所做的,你必须添加一个“角色”列。

SELECT id_fonction_if AS functions, 'Roles'
                        FROM superman.AUTORISATIONS, superman.INCLUS_FONCTIONS
                        WHERE id_grp_de_fonctions_a=id_grp_de_fonctions_if
                        AND id_domaine_if          =id_domaine_a
                        AND id_application_if      =id_application_a
                        AND id_domaine_a           ='SI'
                        AND id_application_a       ='PAN'
                        AND no_emp_a =(select emp_no from sigsi.employes where upper(emp_logon)= upper(?))
相关问题
最新问题