1

嗨,我是 Spring Security 的新手,但我在使用 Spring 方面有一些经验,我按照 mkyong.com 网站上的教程在 Spring 3.07 中创建简单的应用程序,它运行良好但是当我尝试添加注释时“@secured ('ROLE_ADMIN ')”,我发现错误“无法创建 loginCONtroller bean” 任何人都可以指出错误或为我提供简单的 SPring 安全应用程序这是我的代码

web.xml

    <web-app id="WebApp_ID" version="2.4"
    xmlns="http://java.sun.com/xml/ns/j2ee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
    http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <display-name>Spring MVC Application</display-name>

    <!-- Spring MVC -->
    <servlet>
        <servlet-name>mvc-dispatcher</servlet-name>
        <servlet-class>
                    org.springframework.web.servlet.DispatcherServlet
                </servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

     <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <servlet-mapping>
        <servlet-name>mvc-dispatcher</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <listener>
        <listener-class>
                  org.springframework.web.context.ContextLoaderListener
                </listener-class>
    </listener>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/mvc-dispatcher-servlet.xml,
            /WEB-INF/spring-security.xml
        </param-value>
    </context-param>

    <!-- Spring Security -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
                  org.springframework.web.filter.DelegatingFilterProxy
                </filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

</web-app>

springsecurity.xml(调度程序 servlet)

     <beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:s="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                    http://www.springframework.org/schema/security
                    http://www.springframework.org/schema/security/spring-security-3.0.xsd">   


 <s:global-method-security secured-annotations="enabled" />
 <s:http auto-config="true" use-expressions="true">
    <s:intercept-url pattern="/index.jsp" access="permitAll" />
    <s:intercept-url pattern="/welcome*" access="hasRole('ROLE_USER')" />
    <s:intercept-url pattern="/helloadmin*" access="hasRole('ROLE_ADMIN')" />
    <s:form-login login-page="/login" default-target-url="/welcome"
        authentication-failure-url="/loginfailed" />
    <s:logout logout-success-url="/logout" />
</s:http>
<bean id="LoginController" class="com.mkyong.common.controller.LoginController" />
<s:authentication-manager>
  <s:authentication-provider>
    <s:user-service>
        <s:user name="joseph" password="123456" authorities="ROLE_USER,ROLE_ADMIN" />
        <s:user name="jane" password="123456" authorities="ROLE_USER" />          
    </s:user-service>
  </s:authentication-provider>
</s:authentication-manager>
</beans>

mvc 调度程序 servlet.xml

    <beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans     
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context-3.0.xsd">

    <context:component-scan base-package="com.mkyong.common.controller" >
    </context:component-scan>
    <bean
      class="org.springframework.web.servlet.view.InternalResourceViewResolver">
      <property name="prefix">
        <value>/WEB-INF/pages/</value>
      </property>
      <property name="suffix">
        <value>.jsp</value>
      </property>
    </bean>

</beans>

登录控制器.java

    @Controller
public class LoginController {

    @RequestMapping(value = "/welcome", method = RequestMethod.GET)
    public String printWelcome(ModelMap model, Principal principal) {

        String name = principal.getName();
        model.addAttribute("username", name);
        model.addAttribute("message", "Spring Security Custom Form example");
        return "hello";

    }

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login(ModelMap model) {

        return "login";

    }

    // @Secured("ROLE_ADMIN")
     @RequestMapping(value="/delete", method = RequestMethod.GET)
    public String DeleteAll(ModelMap model, Principal principal ) {
        return "deleteUsers";
    }

    @RequestMapping(value = "/loginfailed", method = RequestMethod.GET)
    public String loginerror(ModelMap model) {

        model.addAttribute("error", "true");
        return "login";

    }

    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    public String logout(ModelMap model) {

        return "login";

    }

    }

当前状态下的代码成功执行,但是当我删除 @Secured('ROLE_ADMIN') 代码的注释时显示错误无法创建登录控制器 bean 谁能告诉我我缺少什么或提供简单的 Spring SEcurity 应用程序的代码

4

2 回答 2

0

对我来说没问题。但我使用的是 3.1.0.RELEASE 而不是 3.0.7。另外,请检查您的进口。应该是 import org.springframework.security.access.annotation.Secured;

于 2012-08-14T19:24:17.010 回答
0

只需使用这个:@Secured({"ROLE_ADMIN"})

于 2012-08-15T11:14:13.503 回答