不久之前,Spring爲Spring Security模塊提供了基於java的配置。我嘗試從XML遷移到Java配置。 這裏是我的測試項目:https://github.com/Fruzenshtein/security-sprSpring Security:帶數據源的Java配置
pom.xml中被更新:
spring.version = 3.2.4.RELEASE spring.security.version = 3.1.4.RELEASE
...
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-javaconfig</artifactId>
<version>1.0.0.M1</version>
</dependency>
...
<repository>
<id>repository.springsource.milestone</id>
<name>SpringSource Milestone Repository</name>
<url>http://repo.springsource.org/milestone</url>
</repository>
然後我添加了一個新的java配置類而不是spring-security.xml
package com.sprsec.init;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import com.sprsec.service.CustomUserDetailsService;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Override
protected void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.userDetailsService(new CustomUserDetailsService())
.authorizeUrls()
.antMatchers("/sec/moderation.html").hasRole("MODERATOR")
.antMatchers("/admin/**").hasRole("ADMIN")
.and()
.formLogin()
.loginPage("/user-login.html")
.defaultSuccessUrl("/success-login.html")
.failureUrl("/error-login.html")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/index.html");
}
}
之後,我將Initializaer.class更改爲:
package com.sprsec.init;
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
public class Initializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { WebAppConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[] { WebAppConfig.class };
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
備註:
- 彈簧security.xml文件已被刪除
- 代碼@ImportResource的線( 「類路徑:彈簧security.xml文件」)中的溶液在WebAppConfig.java 刪除
- 刪除web.xml中的過濾器聲明
當我嘗試在服務器上運行應用程序時,我得到:
SEVERE:上下文初始化失敗 org.springframework.beans.factory.BeanCreationException:創建名爲'webAppConfig'的bean時出錯:bean初始化失敗;嵌套異常是org.springframework.beans.factory.BeanCreationException:在類路徑資源[org/springframework/transaction/annotation/ProxyTransactionManagementConfiguration.class]中定義名稱爲'org.springframework.transaction.config.internalTransactionAdvisor'的bean時出錯:實例化豆失敗;嵌套異常是org.springframework.beans.factory.BeanDefinitionStoreException:工廠方法[public org.springframework.transaction.interceptor.BeanFactoryTransactionAttributeSourceAdvisor org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration.transactionAdvisor()]引發異常;嵌套的異常是java.lang.NoSuchMethodError:org.springframework.transaction.interceptor.BeanFactoryTransactionAttributeSourceAdvisor.setAdvice(Lorg/aopalliance/aop/Advice;)V
有人可以提出一個建議什麼可以是這個原因嗎?
Hi和感謝 我做你建議,現在我沒有任何錯誤,當我啓動服務器 但一個新的問題是該項目的一個空的工作目錄我已經開始後的所有修補程序的響應服務器。非常奇怪的行爲 –
檢查它是否開始。正如我在提交中提到的那樣,您應該添加maven war插件併爲缺少的web.xml(您應該刪除它)進行配置。 –