堆栈内存溢出
  简体   繁体   English

Spring4安全配置

[英]Spring4 Security configuration

 原文  2018-08-05 19:28:51       java/ spring/ spring-mvc/ spring-security/ spring-4

问题描述

I'm using Spring4 with tomcat, my web.xml follow: 我在tomcat中使用Spring4,我的web.xml如下: 

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>WEB-INF/classes/resources/beans.xml</param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<servlet>
    <servlet-name>spring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring-servlet.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>spring</servlet-name>
    <url-pattern>*.html</url-pattern>
</servlet-mapping>
<resource-ref>
    <description>MySQL Datasource</description>
    <res-ref-name>jdbc/informagiovani</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
</resource-ref>
<welcome-file-list>
    <welcome-file>index.html</welcome-file>
</welcome-file-list>

My beans.xml is the follows and is empty because all the beans I need are defined with annotation: 我的beans.xml如下所示,并且为空,因为我需要的所有Bean都带有注释定义: 

<beans xmlns = "http://www.springframework.org/schema/beans"
xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
xmlns:context = "http://www.springframework.org/schema/context"
xsi:schemaLocation = "http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

<context:annotation-config />

</beans>

I defined the spring-servlet.xml as follows: 我将spring-servlet.xml定义如下: 

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">

<context:component-scan base-package="it.informagiovani" />

<mvc:annotation-driven />

<bean id="viewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver">
    <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
    <property name="prefix" value="/WEB-INF/views/" />
    <property name="suffix" value=".jsp" />
</bean>

</beans>

I defined the security configuration as I found on a Spring documentation: 我在Spring文档中找到了安全配置: 

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication().withUser("giacomo").password("230483").roles("ADMIN");
}

@Override
protected void configure(HttpSecurity http) throws Exception {

  http.authorizeRequests()
    .antMatchers("/", "/home").permitAll() 
    .antMatchers("/addUser").access("hasRole('ADMIN')")
    .antMatchers("/saveUser").access("hasRole('ADMIN')")
    .and().formLogin();


}
}

When I launch the aplication I get a: 当我启动应用程序时,我得到: 

No bean named 'springSecurityFilterChain' available

What's wrong? 怎么了? I suppose I'm mixing annotation and xml configuration at least for the spring security but I need web.xml file because of previous configuration. 我想我至少在弹簧安全性方面混合了注释和xml配置,但是由于先前的配置,我需要web.xml文件。 Is there a way to solve this or I must use the security-config.xml instead of the configuration class I posted? 有没有办法解决这个问题,或者我必须使用security-config.xml而不是我发布的配置类?

Thank you 谢谢

1 个解决方案

解决方案1
 0  2018-08-06 08:58:19

I think the problem is in your beans.xml configuration file. 我认为问题出在您的beans.xml配置文件中。 You did not declare component-scan attribute and Spring does not know that you have a java security configuration. 您没有声明component-scan属性,并且Spring不知道您具有Java安全配置。

Just add <context:component-scan base-package="my.package"/> to beans.xml and the error should disappear. 只需将<context:component-scan base-package="my.package"/>beans.xml ,该错误就会消失。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Thymeleaf和Spring4配置 - Thymeleaf and Spring4 configuration 尝试升级到Spring4没有xml配置webapp - trying to upgrade to Spring4 no xml configuration webapp 如何将spring4与spring security3.2.3集成 - how to integrate spring4 with spring security3.2.3 websocket over spring4 和 spring security SockJS /info?t= - websocket over spring4 and spring security SockJS /info?t= Spring Security配置到Java配置 - Spring security configuration to java configuration Spring Security 配置中的 BcryptEncoder 配置 - BcryptEncoder configuration in Spring Security Configuration 使用Spring4找不到MappingJacksonHttpMessageConverter - MappingJacksonHttpMessageConverter not found with Spring4 Spring4 MVC的组成部分 - Spring4 MVC multiparts Spring Security Java配置 - Spring Security Java configuration Spring安全性和@Configuration顺序 - Spring security and @Configuration order
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM