创建名为'org.springframework.security.filterChains'的bean时出错

时间:2012-03-11 06:11:56

标签: spring spring-mvc spring-security

我刚刚切换到Spring security 3.1,因为我遇到了这个问题“Different Login pages for mobile and desktop while using Spring Security

所以我得到了一个切换到spring security 3.1的解决方案,现在我在运行应用程序时遇到了这个新的异常。 

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#4' while setting bean property 'sourceList' with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#4': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.logout.LogoutFilter] while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#6': Cannot resolve reference to bean 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0' while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0': Cannot create inner bean '(inner bean)' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#7': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanInitializationException: Property 'sessionFactory' is required for bean '(inner bean)#7'

我的applicationContext看起来像这样

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
   http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
default-lazy-init="true">

<!-- Activates scanning of @Autowired -->
<context:annotation-config />

 <!-- Activates scanning of @Repository -->
<context:component-scan base-package="com.example.dao"/>
<context:component-scan base-package="com.example.dao.user"/>
<context:component-scan base-package="com.example.model"/>
<context:component-scan base-package="com.example.controller"/>
<context:component-scan base-package="com.example.service"/>
<context:component-scan base-package="com.example.service.impl"/>
<bean id="sessionFactory"
    class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
    <property name="configLocation">
        <value>/WEB-INF/hibernate.cfg.xml</value>
    </property>

</bean>

<bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
    <property name="sessionFactory" ref="sessionFactory"/>
</bean>

我的applicationContext-security.xml看起来像

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
      http://www.springframework.org/schema/security
      http://www.springframework.org/schema/security/spring-security-3.1.xsd">
      <security:http pattern="/images/**" security="none"/>
      <security:http pattern="/Stylesheets/**" security="none"/>
      <security:http pattern="/JavaScript/**" security="none"/>
      <security:http pattern="/scripts/**" security="none"/>

<security:http auto-config="true">
    <security:intercept-url pattern="/passwordHint*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_ADMIN,ROLE_USER"/>
    <security:intercept-url pattern="/signup*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/login.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/home.htm" access="ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/changepwd.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/pwd.htm*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN" />
    <security:intercept-url pattern="/favicon.ico" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>
    <security:form-login login-page="/login.htm" authentication-success-handler-ref="customHandler"
        authentication-failure-url="/login.htm?error=true" default-target-url="/home.htm"
        login-processing-url="/j_security_check"  />
     <security:remember-me user-service-ref="userDAO" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</security:http>    

 <security:http auto-config="true">

    <security:intercept-url pattern="mobile/passwordHint*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_ADMIN,ROLE_USER"/>
    <security:intercept-url pattern="mobile/signup*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/login.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/home.htm" access="ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/changepwd.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/pwd.htm*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN" />
    <security:intercept-url pattern="mobile/favicon.ico" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="mobile/**" access="ROLE_USER,ROLE_ADMIN"/>
    <security:form-login login-page="/mlogin.htm" authentication-success-handler-ref="customHandler"
        authentication-failure-url="/mlogin.htm?error=true" default-target-url="/mhome.htm"
        login-processing-url="/j_spring_security_check"  />
     <security:remember-me user-service-ref="userDAO" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</security:http>

<bean id="customHandler" class="com.example.auth.AuthenticationHandler">
</bean>

<security:authentication-manager>
    <security:authentication-provider user-service-ref="userDAO">
        <!--
        TODO skipped to allow password emailing instead of password change and security
        TODO question hell..
      -->
       <!--  <password-encoder ref="passwordEncoder"/>  -->
    </security:authentication-provider>
</security:authentication-manager>

</beans>

这些配置有什么问题吗?

1 个答案:

答案 0 :(得分:0)

您能提供完整的异常堆栈跟踪吗?我认为你不能有两个

<security:http auto-config="true"/>

在具有所有拦截网址设置的相同spring-security配置中。如果您需要两个单独的登录页面在登录请求中具有属性或使用“userAgent”并在控制器中进行切换。

相关问题
最新问题