首先,先謝謝了!添加安全到春季批量管理員
我正在使用Spring-Batch-Admin 1.3.1,我的進程正常工作,但現在我們的目標是應用安全性,以便只有經過授權的人員才能訪問進程。 安全設置在其他應用程序中完美工作,並違背CAS。
這樣做有彈簧批次管理,樣品測試,我已經把安全配置文件中的路徑/META-INF/spring/cas-security-config.xml,它是從另一個配置進口xml文件覆蓋屬性或加載新的安全性。批次管理正常啓動,但是當我嘗試訪問該應用程序會生成以下錯誤:
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
我已閱讀所有相關的帖子,但我不能找到解決方案。我嘗試用/批覆蓋resourceService bean,但是當它被訪問時,其他url沒有找到它們並生成404錯誤。
我們希望保護所有重定向到CAS然後返回到批次管理器菜單的所有內容。
這是我的配置文件:
物業負載
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<context:annotation-config />
<context:component-scan base-package="com.aneta.services" />
<!--
SOBREESCRITURA DE LAS PROPERTIES DEL MANAGER DE SPRING BATCH
-->
<bean id="placeholderProperties" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:*.properties</value>
<value>classpath:properties/*.properties</value>
</list>
</property>
<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
<property name="ignoreResourceNotFound" value="true" />
<property name="ignoreUnresolvablePlaceholders" value="false" />
<property name="order" value="1" />
</bean>
<import resource="classpath:META-INF/spring/cas-security-config.xml"/>
</beans>
的web.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:/org/springframework/batch/admin/web/resources/webapp-config.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>shallowEtagHeaderFilter</filter-name>
<filter-class>org.springframework.web.filter.ShallowEtagHeaderFilter</filter-class>
</filter>
<filter>
<filter-name>hiddenHttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>shallowEtagHeaderFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>hiddenHttpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>Batch Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:/org/springframework/batch/admin/web/resources/servlet-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Batch Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
而且
個CAS-安全-config.xml中
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd">
<context:annotation-config />
<context:component-scan base-package="com.aneta.services" />
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">
<property name="rolePrefix" value=""/>
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<constructor-arg >
<list>
<ref bean="roleVoter"/>
<bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
</list>
</constructor-arg>
</bean>
<security:http entry-point-ref="casEntryPoint" use-expressions="true" auto-config="true"
access-decision-manager-ref="accessDecisionManager">
<security:csrf disabled="false"/>
<security:custom-filter position="FIRST" ref="ajaxSessionFilter"/>
<security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
<security:custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
<security:custom-filter ref="casAuthenticationFilter" after="CAS_FILTER"/>
<security:custom-filter position="LAST" ref="loginFilter"/>
<!-- ACCESO CON RESTRICCIONES -->
<security:intercept-url pattern="/**" access="hasAnyAuthority('ADMINISTRATOR')" />
</security:http>
<bean id="casServiceProperties" class="org.springframework.security.cas.ServiceProperties"
p:service="${service.base.url}"
p:sendRenew="false" p:authenticateAllArtifacts="true" />
<bean id="casEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
p:serviceProperties-ref="casServiceProperties" p:loginUrl="${cas.server.base.url}/login" />
<bean id="ajaxSessionFilter" class="com.psoplaneta.services.security.filters.AjaxSessionFilter">
<property name="homePage" value="${cas.server.base.url}/login"/>
</bean>
<bean id="loginFilter" class="com.aneta.services.security.filters.LoginFilter">
<property name="errorPage" value="${service.base.url}/403"/>
<property name="loginPage" value="${cas.server.base.url}/login"/>
</bean>
<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"
p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage"
p:proxyReceptorUrl="/login/cas/proxyreceptor"
p:serviceProperties-ref="casServiceProperties"
p:authenticationManager-ref="authenticationManager">
<property name="authenticationFailureHandler">
<bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/casfailed"/>
</bean>
</property>
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
p:defaultTargetUrl="/">
</bean>
</property>
<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
</bean>
<bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>
<!-- This filter redirects to the CAS Server to signal Single Logout should be performed -->
<bean id="requestSingleLogoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter"
p:filterProcessesUrl="/j_spring_cas_security_logout">
<constructor-arg value="${cas.server.base.url}/logout" />
<constructor-arg >
<bean
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
</constructor-arg>
</bean>
<!-- This filter handles a Single Logout Request from the CAS Server -->
<bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="casAuthenticationProvider"/>
</security:authentication-manager>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
p:key="casAuthProviderKey"
p:serviceProperties-ref="casServiceProperties">
<property name="authenticationUserDetailsService">
<bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<constructor-arg ref="userDetailService" />
</bean>
</property>
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"
p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage">
<constructor-arg index="0" value="${cas.server.base.url}" />
</bean>
</property>
</bean>
<bean id="userDetailService" class="com.aneta.services.security.userdetails.UserDetailsService"/>
</beans>
有什麼想法嗎? –