![](/img/trans.png)
[英]How to add a custom security annotation to Spring MVC controller method
[英]how to add @secure annotation in spring security
如何在控制器的方法中添加@Secure注释并使其运行? 现在,当我运行它时,出现了如下异常:
org.springframework.beans.factory.BeanCreationException:在文件[C:\\ workspace \\ sts \\ springsource \\ vfabric-tc-server-developer-2.6.1.RELEASE \\ spring-insight-instance中创建名称为'companyController'的bean时出错\\\\ wtpwebapps \\ BillingEngine \\ WEB-INF \\ classes \\ com \\ sesami \\ common \\ management \\ web \\ controller \\ CompanyController.class]:Bean初始化失败; 嵌套的异常是org.springframework.aop.framework.AopConfigException:意外的AOP异常; 嵌套异常是org.springframework.beans.factory.BeanCreationException:创建名称为org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'的bean时出错:在设置bean属性“ accessDecisionManager”时无法解析对bean“ accessDecisionManager”的引用'; 嵌套的异常是org.springframework.beans.factory.NoSuchBeanDefinitionException:没有在org.apache.catalina.core.StandardContext $ 1处定义名为``accessDecisionManager''的bean org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723) .call(java.lang.Thread.run处的StandardContext.java(未知源)原因:org.springframework.aop.framework.AopConfigException:意外的AOP异常;嵌套的异常是org.springframework.beans.factory.BeanCreationException:创建错误名称为“ org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0”的bean:设置bean属性“ accessDecisionManager”时无法解析对bean“ accessDecisionManager”的引用;嵌套异常位于... 19另外
我有春季安全.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:context="http://www.springframework.org/schema/context"
xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<global-method-security secured-annotations="enabled">
<!--
<protect-pointcut access="ROLE_ADMIN"
expression="execution(* com.sesami.common.management.web.controller.AdminController.*(..))" />
-->
</global-method-security>
<!-- URL pattern based security -->
<http auto-config="false" entry-point-ref="authenticationEntryPoint"
use-expressions="true">
<custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
<intercept-url access="hasRole('ROLE_ADMIN')" pattern="/common/admin/**" />
<intercept-url pattern="/common/accounting/**" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/common/billing/**" access="hasRole('ROLE_COMPANY')" />
<logout logout-success-url="/" logout-url="/logout"/>
</http>.........
在控制器中我这样添加
@Secure("ROLE_ADMIN")
@RequestMapping(value = "/common/admin/addAdmin", method = RequestMethod.GET)
public String add(ModelMap map) {
map.addAttribute(new Administrator());
return "/common/admin/addAdmin";
}
我需要配置或导入某些类吗?
Cannot resolve reference to bean 'accessDecisionManager' while setting bean property 'accessDecisionManager'; nested exception is
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'accessDecisionManager' is defined
Spring应该为您创建一个默认的accessDecisionManager,但似乎没有发生,这可能是由于某些配置问题所致。 只是踢一下,如果在http配置中将auto-config设置为true,会发生什么?
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
您必须定义此bean。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.