[英]Error while Migrating Spring Security 2 to 3
我试图将我的Spring Security Application从2.0.4迁移到3.0。 我几乎相应地更新了必要的标签。 但是我正面临着错误
我的config.xml如下所示
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<security:http entry-point-ref="authenticationEntryPoint"
access-denied-page="/pages/accessDenied">
<security:intercept-url pattern="/resources/**" filters="none"/>
<security:intercept-url pattern="/includes/**" filters="none" />
<security:intercept-url pattern="/styles/**" filters="none" />
<security:intercept-url pattern="/images/**" filters="none" />
<security:intercept-url pattern="/help**" filters="none" />
<security:intercept-url pattern="/pages/layouts/**" filters="none" />
<security:intercept-url pattern="/pages/sessionExpired" filters="none" />
<security:intercept-url pattern="/pages/accessDenied" filters="none" />
<security:intercept-url pattern="/pages/error" filters="none" />
<security:intercept-url pattern="/pages/public/**" filters="none" />
<security:intercept-url pattern="/pages/login" filters="none"/>
<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:logout logout-url="/logout"
invalidate-session="true"
logout-success-url="${logoutSuccessUrl}"/>
<security:session-management>
<security:concurrency-control
error-if-maximum-exceeded="false" max-sessions="500"
expired-url="/pages/sessionExpired"></security:concurrency-control>
</security:session-management>
<security:custom-filter ref="cflf" position="FORM_LOGIN_FILTER"/>
<security:custom-filter ref="supf" position="SWITCH_USER_FILTER" />
<security:custom-filter ref="preAuthFilter" position="PRE_AUTH_FILTER"/>
<security:custom-filter ref="etf" before="EXCEPTION_TRANSLATION_FILTER"/>
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="customAuthenticationProvider"/>
<security:authentication-provider ref="preAuthenticatedAuthenticationProvider"/>
<security:authentication-provider ref="preauthAuthProvider"/>
</security:authentication-manager>
<bean id="cflf"
class="org.springframework.security.web.authentication.AuthenticationProcessingFilter" >
<property name="authenticationSuccessHandler" ref="successHandler" />
<property name="authenticationFailureHandler" ref="failureHandler"/>
<property name="authenticationManager" ref="customAuthenticationManager" />
<property name="allowSessionCreation" value="true" />
</bean>
<bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" >
<property name="defaultFailureUrl" value="/pages/login?login_error=true" />
</bean>
<bean id="successHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" >
<property name="defaultTargetUrl" value="/pages/index" /> <!-- which is the default value -->
</bean><bean id="customAuthenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="preAuthenticatedAuthenticationProvider" />
<ref local="customAuthenticationProvider" />
</list>
</property>
</bean><bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
<property name="loginFormUrl" value="/pages/login" />
</bean><bean id="supf"
class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" >
<property name="userDetailsService" ref="userDetailsService" />
<property name="switchUserUrl" value="/j_spring_security_switch_user" />
<property name="exitUserUrl" value="/j_spring_security_exit_user" />
<property name="switchFailureUrl" value="/pages/error" />
<property name="targetUrl" value="/" />
</bean><bean id="userDetailsService"
class="com.demo.myapp.client.AuthorizationUserDetailsService">
<property name="myappService" ref="myappService"/>
<property name="userListingService" ref="userListingService"/>
<property name="allowTestingRole" value="${allowTestingRole}"/>
<property name="allowUnknownUser" value="${allowUnknownUser}"/>
</bean><bean id="userListingService"
class="com.demo.myapp.client.UserListingService" />
<bean id="myappService" class="com.demo.myapp.ws.myappServiceImpl">
<property name="applicationName" value="${applicationName}" />
<property name="prefix" value="${rolePrefix}" />
<property name="myappWebServiceTemplate">
<bean class="com.demo.myapp.ws.WebServiceTemplateFactory"
factory-method="createmyappWebServiceTemplate">
<constructor-arg value="${myappWebServiceUri}" />
</bean>
</property>
</bean>
<bean id="customAuthenticationProvider"
class="com.demo.myapp.client.CustomAuthenticationProvider"><property name="userDetailsService" ref="userDetailsService"/>
</bean><bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" />
</bean><bean id="preAuthFilter"
class="com.demo.myapp.filter.CustomRequestHeaderPreAuthenticatedProcessingFilter">
<property name="continueFilterChainOnUnsuccessfulAuthentication" value="${continueIfPreauthFails}"/>
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationDetailsSource" ref="authenticationDetailsSource" />
</bean><bean id="preAuthenticatedProcessingFilterEntryPoint"
class=" org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" /><bean id="preAuthenticatedUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="userDetailsService"/>
</bean><bean id="authenticationDetailsSource" class="org.springframework.security.authentication.AuthenticationDetailsSourceImpl">
<property name="clazz" value="com.demo.myapp.client.WssoWebAuthenticationDetails"/>
</bean> <bean id="preauthAuthProvider"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService"/>
</bean> <bean id="etf"
class=" org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint" />
<property name="accessDeniedHandler">
<bean class="com.demo.myapp.handler.AccessDeniedHandlerImpl">
<property name="externalErrorPage" value="${externalAccessDeniedPage}"/>
<property name="errorPage" value="/pages/accessDenied"/>
</bean>
</property>
<property name="throwableAnalyzer">
<bean class="com.demo.myapp.handler.CustomThrowableAnalyzer"/>
</property>
</bean>
</beans>
和我的AccessDeniedHandlerImpl文件具有以下代码段
public void handle(HttpServletRequest request, HttpServletResponse response,AccessDeniedException accessDeniedException) throws IOException, ServletException {
if ( (externalErrorPage != null) && (cookieName != null)&&!doesCookieExist((HttpServletRequest)request)) ) {
((HttpServletRequest) request).setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY, accessDeniedException);
((HttpServletResponse)response).sendRedirect(externalErrorPage);
}
else
super.handle(request, response, accessDeniedException);
}
但是,当我运行该应用程序时,我面临着这个问题:
]] Root cause of ServletException.
java.lang.IllegalArgumentException: Unable to load class 'org.springframework.security.AccessDeniedException'
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.toClass(FlowModelFlowBuilder.java:960)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseTransitionExecutingExceptionHandler(FlowModelFlowBuilder.java:764)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseTransitionExecutingExceptionHandlers(FlowModelFlowBuilder.java:752)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseExceptionHandlers(FlowModelFlowBuilder.java:733)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.parseAndAddViewState(FlowModelFlowBuilder.java:549)
at org.springframework.webflow.engine.builder.model.FlowModelFlowBuilder.buildStates(FlowModelFlowBuilder.java:206)
at org.springframework.webflow.engine.builder.FlowAssembler.directAssembly(FlowAssembler.java:106)
at org.springframework.webflow.engine.builder.FlowAssembler.assembleFlow(FlowAssembler.java:91)
at org.springframework.webflow.engine.builder.DefaultFlowHolder.assembleFlow(DefaultFlowHolder.java:109)
at org.springframework.webflow.engine.builder.DefaultFlowHolder.getFlowDefinition(DefaultFlowHolder.java:84)
at org.springframework.webflow.definition.registry.FlowDefinitionRegistryImpl.getFlowDefinition(FlowDefinitionRegistryImpl.java:61)
at org.springframework.webflow.executor.FlowExecutorImpl.launchExecution(FlowExecutorImpl.java:138)
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:193)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:647)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
任何想法我错了吗?
提前致谢!
类“ org.springframework.security.AccessDeniedException”被转换为“ org.springframework.security.access.AccessDeniedException”。 因此,它无法加载该类。
将 Spring Security AbstractAuthenticationProcessingFilter 迁移到 WebFlux
[英]Migrating Spring Security AbstractAuthenticationProcessingFilter to WebFlux
从版本 3 迁移到版本 4 后,Spring Security 无法正常工作
[英]Spring Security not working after migrating from version 3 to 4
从 Spring Security 迁移到 Oracle Access Manager
[英]Migrating From Spring Security to Oracle Access Manager
Spring 安全性:在 Spring 引导 2.7.2 中升级已弃用的 WebSecurityConfigurerAdapter 时出错
[英]Spring Security: Error while upgrading the deprecated WebSecurityConfigurerAdapter in Spring Boot 2.7.2
将 Spring 引导版本从 2.1.6 迁移到 Spring 引导 2.4 时出现以下错误
[英]Getting following error while migrating Spring boot version from 2.1.6 to Spring boot 2.4
在 spring 安全性中解码 AWS Cognito 生成的 JWT 时出错
[英]Getting error while decoding JWT generated by AWS Cognito in spring security
遵循 Grails Spring Security Core 教程时出现“没有正在进行的事务”错误
[英]"No transaction is in progress" error while following Grails Spring Security Core tutorial
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.