如何在控制器的方法中添加@Secure annoatation並使其運行? 現在,當我運行它有例外,如:如何在spring security中添加@secure註釋
org.springframework.beans.factory.BeanCreationException:錯誤創建名爲 'companyController' 文件[定義的C豆:\工作區\ STS \ SpringSource的\的vFabric -tc-server-developer-2.6.1.RELEASE \ spring-insight-instance \ wtpwebapps \ BillingEngine \ WEB-INF \ classes \ com \ sesami \ common \ management \ web \ controller \ CompanyController.class]:初始化bean失敗;嵌套的異常是org.springframework.aop.framework.AopConfigException:意外的AOP異常;嵌套異常是org.springframework.beans.factory.BeanCreationException:使用名稱'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'創建bean時出錯:無法在設置bean屬性'accessDecisionManager時解析對bean'accessDecisionManager'的引用「;嵌套異常是org.springframework.beans.factory.NoSuchBeanDefinitionException:沒有名爲'accessDecisionManager'的bean在org.apache.catalina.core中定義爲 org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723) 。 StandardContext $ 1.call(StandardContext.java at java.lang.Thread.run(Unknown Source) 引起:org.springframework.aop.framework.AopConfigException:意外的AOP異常;嵌套的異常是org.springframework.beans.factory。 BeanCreationException:創建名稱爲'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'的bean時出錯:設置bean屬性'accessDecisionManager'時無法解析對bean'accessDecisionManager'的引用;嵌套異常處於... 19更多
我有春季安全的.xml
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd「>
<global-method-security secured-annotations="enabled">
<!--
<protect-pointcut access="ROLE_ADMIN"
expression="execution(* com.sesami.common.management.web.controller.AdminController.*(..))" />
-->
</global-method-security>
<!-- URL pattern based security -->
<http auto-config="false" entry-point-ref="authenticationEntryPoint"
use-expressions="true">
<custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
<intercept-url access="hasRole('ROLE_ADMIN')" pattern="/common/admin/**" />
<intercept-url pattern="/common/accounting/**" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/common/billing/**" access="hasRole('ROLE_COMPANY')" />
<logout logout-success-url="/" logout-url="/logout"/>
</http>.........
而在控制器我添加這樣的
@Secure("ROLE_ADMIN")
@RequestMapping(value = "/common/admin/addAdmin", method = RequestMethod.GET)
public String add(ModelMap map) {
map.addAttribute(new Administrator());
return "/common/admin/addAdmin";
}
我需要配置或導入某個類嗎?