1
在我的應用程序中,我使用LDAP身份驗證(稱爲ldap)。對於我的一個頁面,我需要使用基本的html彈出框(稱爲內部)進行自己的身份驗證。我得到BeanCreationException
:Spring Security許多提供者
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1512) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:521) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:296) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:293) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:628) ~[spring-beans-3.2.5.RELEASE.jar:3.2.5.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:932) ~[spring-context-3.2.2.RELEASE.jar:3.2.2.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:479) ~[spring-context-3.2.2.RELEASE.jar:3.2.2.RELEASE]
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389) ~[spring-web-3.2.2.RELEASE.jar:3.2.2.RELEASE]
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294) ~[spring-web-3.2.2.RELEASE.jar:3.2.2.RELEASE]
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112) [spring-web-3.2.2.RELEASE.jar:3.2.2.RELEASE]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973) [catalina.jar:7.0.52]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467) [catalina.jar:7.0.52]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [catalina.jar:7.0.52]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) [catalina.jar:7.0.52]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) [catalina.jar:7.0.52]
at java.util.concurrent.FutureTask.run(Unknown Source) [na:1.7.0_51]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.7.0_51]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.7.0_51]
at java.lang.Thread.run(Unknown Source) [na:1.7.0_51]
這裏是我的配置:
<http authentication-manager-ref="internal">
<intercept-url pattern="/monitoring" access="ROLE_USER" />
<http-basic />
</http>
<http authentication-manager-ref="ldap" auto-config='true' use-expressions="true">
<intercept-url pattern="/**" access="permitAll" />
<form-login login-page='/' default-target-url='/login_ok'
always-use-default-target='true' authentication-failure-url="/login_failed" />
<logout logout-success-url="/" />
</http>
<authentication-manager id="internal">
<authentication-provider>
<user-service>
<user name="monitoring" password="monitoring" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
<authentication-manager erase-credentials="false" id="ldap">
<ldap-authentication-provider
group-search-filter="${ldap.group-search-filter}" server-ref="ldapServer"
group-search-base="${ldap.group-search-base}" user-search-filter="${ldap.user-search-filter}"
user-search-base="${ldap.user-search-base}" group-role-attribute="${ldap.group-role-attribute}"
role-prefix="${ldap.role-prefix}">
</ldap-authentication-provider>
<authentication-provider user-service-ref="userService" />
</authentication-manager>
我明白爲什麼拋出異常,並知道圖案秩序和範圍是重要的,但不知道怎麼做是正確的。我想要的是,每個用戶都可以訪問「/ **」,但只有監視用戶可以訪問/監視(使用基本身份驗證)但。在我想添加這個內部認證之前,一切正常。
好的。事情是,http標記沒有路徑屬性,所以XML中有錯誤。或者,我錯過了一些架構或東西?關於休息 - 我同意,它可以更好地組織:)。 – alvaro991
對不起,路徑應該是模式。我已更新帖子 –
是的,我想到了:)。將「路徑」更改爲「模式」解決了XML錯誤,但是當我想訪問「/ monitoring」時,我得到403 - 訪問被拒絕。沒有顯示身份驗證表單,只是錯誤 – alvaro991