[英]No bean resolver registered in the context to resolve access to bean
I'm trying to implement method security using Java Config, but I'm getting a error:-我正在尝试使用 Java Config 实现方法安全性,但出现错误:-
org.springframework.expression.spel.SpelEvaluationException: EL1057E:(pos 1): No bean resolver registered in the context to resolve access to bean 'appPermissionEvaluator'
The method is:-方法是:-
@PreAuthorize("@appPermissionEvaluator.hasSystemPermission()")
public String something() {
...
}
The Config class definition is (MethodSecurityConfig.java):- Config 类定义是 (MethodSecurityConfig.java):-
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
@Bean
public AppPermissionEvaluator appPermissionEvaluator() {
return new AppPermissionEvaluator();
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler =
new DefaultMethodSecurityExpressionHandler();
expressionHandler.setPermissionEvaluator(appPermissionEvaluator());
return expressionHandler;
}
...
}
I checked that I'm able to autowire the bean in the same class, also I found the default hasPermission() methods are working as I've implemented them, the only problem is reading the bean from SpEL.我检查了我是否能够在同一个类中自动装配 bean,而且我发现默认的 hasPermission() 方法在我实现它们时正在工作,唯一的问题是从 SpEL 读取 bean。 I'm not sure what's wrong.
我不确定出了什么问题。 Any Pointers?
任何指针?
I'm using Spring 4.1.5 and Spring security 3.2.7我正在使用 Spring 4.1.5 和 Spring security 3.2.7
You need to ensure that you set the ApplicationContext on the DefaultMethodSecurityExpresssionHandler.您需要确保在 DefaultMethodSecurityExpresssionHandler 上设置 ApplicationContext。 For example:
例如:
@Autowired
private ApplicationContext context;
// ...
@Override
protected MethodSecurityExpressionHandler expressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler =
new DefaultMethodSecurityExpressionHandler();
expressionHandler.setPermissionEvaluator(appPermissionEvaluator());
// !!!
expressionHandler.setApplicationContext(context);
return expressionHandler;
}
Alternatively and more concisely, if you define a single PermissionEvaluator as a Bean and Spring Security will automatically pick it up (no need to override expressionHandler()).或者更简洁地,如果您将单个 PermissionEvaluator 定义为 Bean,Spring Security 将自动选择它(无需覆盖 expressionHandler())。 For example:
例如:
@Bean
public PermissionEvaluator appPermissionEvaluator() {
...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.