stackoom
  简体   繁体   中英

Spring Security 3.2 with Spring MVC 4.0.1.RELEASE

 原文  2014-02-01 22:09:22       java/ spring/ spring-mvc/ intellij-idea/ spring-security

Question

I am having some issues configuring my spring web application using gradle. Gradle: 

    apply plugin: 'java'

sourceCompatibility = 1.7
version = '1.0'

repositories {
    mavenCentral()
}

configurations.all {
    resolutionStrategy.eachDependency { DependencyResolveDetails details ->
        if (details.requested.group == 'org.springframework') {
            details.useVersion '4.0.1.RELEASE'
        }
    }
}

configurations {
    provided
}
sourceSets {
    main { compileClasspath += configurations.provided }
}

dependencies {
    testCompile group: 'junit', name: 'junit', version: '4.11'
    provided 'javax:javaee-web-api:7.0'
    compile 'org.springframework:spring-context:4.0.1.RELEASE'
    compile 'org.springframework:spring-webmvc:4.0.1.RELEASE'
    compile 'org.springframework.webflow:spring-webflow:2.3.2.RELEASE'
    compile 'org.springframework.data:spring-data-jpa:1.4.3.RELEASE'
    compile 'org.springframework.security:spring-security-web:3.2.0.RELEASE'
    compile 'org.springframework.security:spring-security-config:3.2.0.RELEASE'
    compile 'org.hibernate:hibernate-entitymanager:4.2.7.Final'
    compile 'mysql:mysql-connector-java:5.1.26'
    compile 'org.thymeleaf:thymeleaf-spring4:2.1.2.RELEASE'
    compile 'org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-dbcp:1.4_3'
}

I have SecurityConfiguration.java class contains: 

package asd;

import asd.UserDetailsServiceAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor;
import org.springframework.web.servlet.support.RequestDataValueProcessor;

@Configuration
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ComponentScan(basePackageClasses = UserDetailsServiceAdapter.class)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public RequestDataValueProcessor requestDataValueProcessor() {
        return new CsrfRequestDataValueProcessor();
    }

    // @formatter:off
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/resources/**", "/signup").permitAll()
                .anyRequest().authenticated().and()
            .formLogin().and()
                .loginPage("/login")
                .permitAll()
                .and()
            .logout()
                .permitAll();
    }
    // @formatter:on

    @Autowired
    public void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
    }

}

I am using Intellij IDEA 13 Ultimate Edition. When I try to compile my application I get this error: 

java: cannot find symbol
symbol:   method loginPage(java.lang.String)
location: class org.springframework.security.config.annotation.web.builders.HttpSecurity

2 answers

solution1
 0 ACCPTED  2014-02-01 22:24:44

I reproduced the problem, and changing the order of the configuration makes the compilation work OK: 

     http
        .formLogin()
        .loginPage("/login")
        .permitAll()
     .and()
        .logout()
        .permitAll()
     .and()
        .authorizeRequests()
        .antMatchers("/resources/**", "/signup").permitAll()
        .anyRequest().authenticated();

Also see the javadoc of HttpSecurity , it has lots of examples.

solution2
 0  2014-02-02 10:51:31

I suggest you to change it to more appropriate like this: 

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers("/resources/**"); // Ignore static resources
}

@Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()
            .antMatchers("/login/**", "/login").permitAll()
            .antMatchers("/**").authenticated()
        .and()
            .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/login")
                .defaultSuccessUrl("/")
                .failureUrl("/loginfailed").permitAll()
        .and()
            .logout()
                .deleteCookies("JSESSIONID")
                .logoutUrl("/logout")
                .logoutSuccessUrl("/login")
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How To Implement Rest Full Web Service with Auth Token using Spring Security 4.0.1.RELEASE Dependency Resolution Exception in netbeans maven web application for spring-framework-bom:jar:4.0.1.RELEASE Spring security 4.0.1 Request method 'POST' not supported Spring MVC 3.2 +Jackson spring security 3.2 java configuration Spring Security 3.2 Token Authentication Custom authenticationFilter Spring Security 3.2 Spring MVC 4.0.1 Request Mapping Not work @Valid is not triggering - Spring MVC 3.2 Spring MVC enabling Spring Security 4
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM