2012-01-05 58 views
0

如何在控制器的方法中添加@Secure annoatation並使其運行? 現在,當我運行它有例外,如:如何在spring security中添加@secure註釋

org.springframework.beans.factory.BeanCreationException:錯誤創建名爲 'companyController' 文件[定義的C豆:\工作區\ STS \ SpringSource的\的vFabric -tc-server-developer-2.6.1.RELEASE \ spring-insight-instance \ wtpwebapps \ BillingEngine \ WEB-INF \ classes \ com \ sesami \ common \ management \ web \ controller \ CompanyController.class]:初始化bean失敗;嵌套的異常是org.springframework.aop.framework.AopConfigException:意外的AOP異常;嵌套異常是org.springframework.beans.factory.BeanCreationException:使用名稱'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'創建bean時出錯:無法在設置bean屬性'accessDecisionManager時解析對bean'accessDecisionManager'的引用「;嵌套異常是org.springframework.beans.factory.NoSuchBeanDefinitionException:沒有名爲'accessDecisionManager'的bean在org.apache.catalina.core中定義爲 org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4723) 。 StandardContext $ 1.call(StandardContext.java at java.lang.Thread.run(Unknown Source) 引起:org.springframework.aop.framework.AopConfigException:意外的AOP異常;嵌套的異常是org.springframework.beans.factory。 BeanCreationException:創建名稱爲'org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor#0'的bean時出錯:設置bean屬性'accessDecisionManager'時無法解析對bean'accessDecisionManager'的引用;嵌套異常處於... 19更多

我有春季安全的.xml

http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd「>

<global-method-security secured-annotations="enabled"> 
<!-- 
<protect-pointcut access="ROLE_ADMIN" 
     expression="execution(* com.sesami.common.management.web.controller.AdminController.*(..))" /> 
     --> 
</global-method-security> 

<!-- URL pattern based security --> 
<http auto-config="false" entry-point-ref="authenticationEntryPoint" 
    use-expressions="true"> 
    <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" /> 
    <intercept-url access="hasRole('ROLE_ADMIN')" pattern="/common/admin/**" /> 
    <intercept-url pattern="/common/accounting/**" access="hasRole('ROLE_USER')" /> 
    <intercept-url pattern="/common/billing/**" access="hasRole('ROLE_COMPANY')" /> 
    <logout logout-success-url="/" logout-url="/logout"/> 

</http>......... 

而在控制器我添加這樣的

@Secure("ROLE_ADMIN") 
@RequestMapping(value = "/common/admin/addAdmin", method = RequestMethod.GET) 
    public String add(ModelMap map) { 
     map.addAttribute(new Administrator()); 
     return "/common/admin/addAdmin"; 
    } 

我需要配置或導入某個類嗎?

回答

1
Cannot resolve reference to bean 'accessDecisionManager' while setting bean property 'accessDecisionManager'; nested exception is 
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'accessDecisionManager' is defined 

Spring應該爲您創建一個默認的accessDecisionManager,但看起來好像沒有發生,可能是由於某些配置問題。只是踢腳本如果你在你的http配置中將auto-config設置爲true,會發生什麼?

0
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans"> 
    <constructor-arg> 
     <list> 
      <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" /> 
      <bean class="org.springframework.security.access.vote.RoleVoter" /> 
      <bean class="org.springframework.security.access.vote.AuthenticatedVoter" /> 
     </list> 
    </constructor-arg> 
</bean> 

您必須定義此bean。