在将旧应用程序迁移到 Spring Security 时,出现以下异常:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_filterSecurityInterceptor' while setting bean property 'filters' with key [3]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterSecurityInterceptor': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [superadmin]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:480)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
在旧的应用程序中,有“superadmin”、“editor”、“helpdesk”等角色。但在所有 Spring Security 示例中,我只看到“ROLE_”(“ROLE_ADMIN”等)等角色。当我将“superadmin”重命名为“ROLE_ADMIN”并仅在配置中使用此角色时,一切正常。
不起作用:
<http auto-config="true">
<intercept-url pattern="/restricted/**" access="superadmin"/>
<form-login
authentication-failure-url="/secure/loginAdmin.do?error=true"
login-page="/secure/loginAdmin.do" />
</http>
Works:
<http auto-config="true">
<intercept-url pattern="/restricted/**" access="ROLE_ADMIN"/>
<form-login
authentication-failure-url="/secure/loginAdmin.do?error=true"
login-page="/secure/loginAdmin.do" />
</http>
可以使用自定义角色名称吗?
您正在使用默认配置,该配置期望角色以"ROLE_"
字首。您必须添加自定义安全配置并设置rolePrefix
to "";
http://forum.springsource.org/archive/index.php/t-53485.html http://forum.springsource.org/archive/index.php/t-53485.html
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)