stackoom
  简体   繁体   中英

Spring security JSP tags - which jars do I need?

 原文  2012-07-18 10:05:18       spring/ security/ jsp/ taglib

Question

I have a project that used to run successfully on Spring 3.0 with Spring-MVC. I'm moving it to Spring 3.1 and at the same time changing my jar management to Maven rather than manual download/copy to project/lib for Ant.

During loading the first (login) public page in the logs I see: INFO: At least one JAR was scanned for TLDs yet contained no TLDs

Which makes me think one my taglib URLs isn't being matched to an appropriate taglib jar. So either the URL is incorrect or I don't have the appropriate jars.

In the top of my JSP: 

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>

I think it is the security tag that is having issues, as on the following page (after login) I get a new error: javax.servlet.ServletException: javax.servlet.jsp.JspException: java.io.IOException: No visible WebSecurityExpressionHandler instance could be found in the application context. There must be at least one in order to support expressions in JSP 'authorize' tags.

This is new to me - I hadn't had to define a 'WebSecurityExpressionHandler' when I was running the app with Spring 3.0 libraries, so either I'm missing a jar that provides the relevant stuff or something has changed in Spring 3.0 -> 3.1 in how I should be configuring the security of my application.

Edit: I've found what looks like it should fulfil that role in my config: 

`<bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler" />`

And <http auto-config="true" use-expressions="true" .... > in my security-context.xml

1 answers

solution1
 4 ACCPTED  2012-07-18 10:09:13

You should have at least the following ones:

  • spring-security-config
  • spring-security-web
  • spring-security-taglibs

additionally you can add spring-security-core but Maven should resolve it as a transitive dependency.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Do I need to create JSP in spring security? Spring security's CSRF token - can I use pure HTML, or do I need JSP? What minimum .jars do I need for BlazeDS and Spring? What jars do I need for Spring AOP for version 5 What do the Spring Framework JSP Tags do? Which jars need for tiles with wildcard support in spring MVC Do I need resource server with Spring Security OAuth2? Spring MVC - Spring Security : How to have two different “types” of users, to which I will display different content in the jsp pages Spring security without jsp Which entities do I need to create Spring Data repositories for?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM