1. 首頁
  2. 問答
  3. 「的認證對象未在SecurityContext中找到」在使用@Secured方法

「的認證對象未在SecurityContext中找到」在使用@Secured方法

2017-07-19 62 views
1

我在Java開發新的,我想利用@Secured標註方法實現水平春季安全。「的認證對象未在SecurityContext中找到」在使用@Secured方法

當我打電話給我「/登錄」我發現了以下錯誤:

"An Authentication object was not found in the SecurityContext"

PS:我沒有使用.jsp文件進行登錄,任何想法如何管理這個錯誤?

這是我的代碼段。

@Controller 
@RequestMapping("/login") 
public class LoginController { 
@Autowired 
public IUserService userService; 
@RequestMapping(method = RequestMethod.GET) 
public String success(ModelMap map) {  
    userService.addUser("ram", "con1234"); 
    userService.deleteUser("ABC"); 
    map.addAttribute("msg", "Done Successfully"); 
    return "success"; 
    } 
} 

public interface IUserService { 
@Secured ({"ROLE_USER", "ROLE_ADMIN"}) 
public void addUser(String name, String pwd); 
@Secured("ROLE_ADMIN") 
public void deleteUser(String name); 
} 


@Repository 
public class UserServiceSec implements IUserService { 

@Override 
public void addUser(String name, String pwd) { 
    System.out.println("user added"); 
} 
@Override 
public void deleteUser(String name) { 
    System.out.println("user deleted"); 
} 

}

的web.xml

<?xml version="1.0" encoding="UTF-8"?> 
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://xmlns.jcp.org/xml/ns/javaee" 
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee  http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" 
id="WebApp_ID" version="3.1"> 
<display-name>EQUADIS</display-name> 
<welcome-file-list> 
    <welcome-file>/login</welcome-file> 
</welcome-file-list> 
<servlet> 
    <servlet-name>dispatcher</servlet-name> 
    <servlet- class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value>/WEB-INF/spring-config.xml 
     /WEB-INF/security-config.xml 
     </param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>dispatcher</servlet-name> 
    <url-pattern>/</url-pattern> 
</servlet-mapping>

安全-config.xml中

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans- 3.2.xsd 
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.2.xsd"> 

<http auto-config="true"> 
    <intercept-url pattern="/login" access="ROLE_USER,ROLE_ADMIN" /> 
    <logout logout-success-url="/login" /> 
</http> 

<authentication-manager> 
    <authentication-provider> 
    <user-service> 
    <user name="ram" password="con1234" authorities="ROLE_ADMIN" /> 
    <user name="rahim" password="con1234" authorities="ROLE_USER" /> 
    </user-service> 
    </authentication-provider> 
</authentication-manager> 

<global-method-security secured-annotations="enabled" /> 
<beans:bean name="userServiceSec" class="package.service.UserServiceSec"/>

來源

2017-07-19 Elias

回答

0

您的web.xml中似乎沒有DelegatingFilterProxy過濾器。你需要有以下幾點;

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping>

來源

2017-07-19 09:43:12 shazin

+0

謝謝shazin您reply.after我添加了這行我web.xml和使用「/登錄」用戶名和密碼頁面中的登錄顯示,然後不管我把用戶名在服務器上運行該項目和密碼,我把它給了我下面的錯誤:「原始服務器沒有找到目標資源的電流表示或不願意透露一個存在」,它看起來像它不檢查春季安全我缺少什麼?在郵差中,當我測試鏈接時,它給了我登錄頁面的html響應。謝謝你的幫助。 – Elias

相關問題

 相關問題