2016-08-17 217 views
2
<bean id="channelProcessingFilter" class="org.springframework.security.web.access.channel.ChannelProcessingFilter"> 
     <property name="channelDecisionManager" ref="channelDecisionManager"/> 
     <property name="securityMetadataSource"> 
     <security:filter-security-metadata-source request-matcher="regex" use-expressions="true"> 
      <security:intercept-url pattern="\A/login.*\Z" access="REQUIRES_SECURE_CHANNEL"/> 
      <security:intercept-url pattern="\A/Home.*\Z" access="REQUIRES_INSECURE_CHANNEL"/> 
      <security:intercept-url pattern="\A/.*\Z" access="ANY_CHANNEL"/> 
     </security:filter-security-metadata-source> 
     </property> 
    </bean> 

上面的代碼片段在遷移到Spring Security 4.x時出現錯誤。請讓我知道是否有解決方案。我查看了遷移指南,但沒有提到任何解決方案。這段代碼在Spring Security 3.x中運行良好。從Spring Security 3.x升級到4.x

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceBindingGenerator': Invocation of init method failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'channelProcessingFilter' defined in URL [jar:file:xxxxx.jar!/META-INF/spring-security.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ANY_CHANNEL, REQUIRES_INSECURE_CHANNEL, REQUIRES_SECURE_CHANNEL] 
    at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:136) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:408) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1570) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:545) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:772) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:839) ~[spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:538) ~[spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:446) ~[spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:328) ~[spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) [spring-web-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4729) [catalina.jar:8.0.26] 
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5167) [catalina.jar:8.0.26] 
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [catalina.jar:8.0.26] 
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725) [catalina.jar:8.0.26] 
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701) [catalina.jar:8.0.26] 
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717) [catalina.jar:8.0.26] 
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:945) [catalina.jar:8.0.26] 
    at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1768) [catalina.jar:8.0.26] 
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_60] 
    at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_60] 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_60] 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_60] 
    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_60] 
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'channelProcessingFilter' defined in URL [jar:file:/xxxxxx.jar!/META-INF/spring-security.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ANY_CHANNEL, REQUIRES_INSECURE_CHANNEL, REQUIRES_SECURE_CHANNEL] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1578) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:545) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1054) ~[spring-context-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_60] 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_60] 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_60] 
    at java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_60] 
    at org.springsource.loaded.ri.ReflectiveInterceptor.jlrMethodInvoke(ReflectiveInterceptor.java:1426) ~[springloaded-1.2.5.RELEASE.jar:1.2.5.RELEASE] 
    at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:354) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:305) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:133) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    ... 27 common frames omitted 
Caused by: java.lang.IllegalArgumentException: Unsupported configuration attributes: [ANY_CHANNEL, REQUIRES_INSECURE_CHANNEL, REQUIRES_SECURE_CHANNEL] 
    at org.springframework.security.web.access.channel.ChannelProcessingFilter.afterPropertiesSet(ChannelProcessingFilter.java:131) ~[spring-security-web-4.1.2.RELEASE.jar:4.1.2.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1637) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1574) ~[spring-beans-4.2.4.RELEASE.jar:4.2.4.RELEASE] 
    ... 44 common frames omitted 
+0

你應該使用的可能值'要求,channel'屬性'http','https'和'any'。 – manish

回答

0

你需要重寫你這樣的intercept-url定義:

<!-- old --> 
<security:intercept-url 
    pattern="\A/.*\Z" 
    access="ANY_CHANNEL"/> 

<!-- new --> 
<security:intercept-url 
    pattern="\A/.*\Z" 
    access="hasRole(...)" 
    requires-channel="any" /> 

根據documentation您可以使用此VALES爲requires-channel

可用的選項有 「HTTP」,「 https「或」任何「。使用值「any」表示可以使用HTTP或HTTPS。

+0

謝謝。我聲明如上配置。 。現在我收到錯誤消息\ n配置問題:在bean定義解析期間發生意外的失敗 違規資源:URL [jarxxxxxxx.jar!/META-INF/spring-security.xml] Bean'channelProcessingFilter';嵌套異常是org.springframework.beans.factory.parsing.BeanDefinitionParsingException:配置問題:屬性'require-channel'在這裏是不允許的。 Offending resource:URL [jar:file:xxxxxx.jar!/META-INF/spring-security.xml – jslearner07

+0

@ jslearner07你使用的是什麼確切的spring版本? – vsminkov

+0

我正在使用Spring 4.3.2.RELEASE – jslearner07

0

Set use-expressions =「false」。按照documentation,該值設置爲true,如果訪問將被計算的表達式,

<security:filter-security-metadata-source use-expressions="true"> 
    <security:intercept-url pattern="/**" access="isAuthenticated()" /> 
</security:filter-security-metadata-source> 

否則返回false:

<security:filter-security-metadata-source request-matcher="regex" use-expressions="false"> 
    <security:intercept-url pattern="\A/.*\Z" access="ANY_CHANNEL"/> 
</security:filter-security-metadata-source>