[英]Spring security. authorize doesn't work on jsp
I had following jsp page and that jsp compiles as expected 我有跟随jsp页面,并且jsp按预期编译
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
<c:if test="${sessionScope.userName!=null}">
...
</c:if>
In login controller method I have following row: 在登录控制器方法中,我有以下行:
session.setAttribute("userName", name);
I thought that better to rewrite it using spring security tags 我认为最好用spring security标签重写它
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
<sprSec:authorize access="isAuthenticated()">
...
</sprSec:authorize>
And now I have following error when try to acces to page: 现在我在尝试访问页面时遇到以下错误:
org.apache.jasper.JasperException: org.apache.jasper.JasperException: An exception occurred processing JSP page /WEB-INF/*/*****.jsp at line 5
2: <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
3: <%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
4:
5: <sprSec:authorize access="isAuthenticated()">
6:
7: <c:set var="profileUrl" value="#" scope="request" />
8: <sprSec:authorize ifAllGranted="ROLE_USER">
....
root cause
javax.servlet.ServletException: javax.servlet.jsp.JspException: java.io.IOException: No visible WebSecurityExpressionHandler instance could be found in the application context. There must be at least one in order to support expressions in JSP 'authorize' tags.
..........
This is probably a duplicate of Spring Security - No visible WebSecurityExpressionHandler instance could be found in the application context . 这可能是Spring Security的副本- 在应用程序上下文中找不到可见的WebSecurityExpressionHandler实例 。
As pointed out there, make sure to add an use-expressions
attribute set to true for your configuration's http
element, ie write <http use-expressions="true">
. 正如在那里指出的那样,确保为配置的http
元素添加一个use-expressions
属性设置为true,即write <http use-expressions="true">
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.