1

我正在使用 spring security 3.1.1 进行身份验证。应用程序部署在 weblogic 服务器中,并启用了安全领域以访问数据源。对于我可以提供的 servlet <run-as> <role-name>testrole</role-name> </run-as>

我如何为弹簧安全过滤器做同样的事情。从过滤器访问数据源时出现此错误

: 用户 "" 没有权限对资源 "jdbc/DataSource" 执行操作 "reserve"

安全上下文.xml

<context:annotation-config/>
<sec:http use-expressions="true" entry-point-ref="loginUrlAuthenticationEntryPoint" >
<sec:intercept-url pattern="/**" access="permitAll"/>
<sec:custom-filter position="LOGOUT_FILTER" ref="LogoutFilter" />
<sec:custom-filter position="BASIC_AUTH_FILTER" ref="AuthenticationFilter"/>
</sec:http>
<bean id="LogoutFilter" class="com.xxx.LogoutFilter">
<constructor-arg>
<bean class="com.xxx.LogoutSuccessHandler"></bean>
</constructor-arg>
<constructor-arg>
<list>
<bean class="com.xxx.LogoutHandler"></bean>
</list>
</constructor-arg>
</bean>

<bean id="AuthenticationFilter" class="com.xxx.AuthenticationFilter" >
<constructor-arg type="java.lang.String">
<value>/login.do</value>
</constructor-arg>
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="successHandler" />
<property name="authenticationFailureHandler" ref="failureHandler" />
</bean>

<bean id="loginUrlAuthenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/common/dologin.jsp" />
</bean>

<bean id="successHandler" class="com.xxx.AuthSuccessHandler"/>
<bean id="failureHandler" class="com.xxx.AuthFailureHandler"/>

<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="jaasAuthenticationProvider" />
</sec:authentication-manager>


<bean id="jaasAuthenticationProvider"
class="com.xxx.JaasAuthenticationProvider">

<property name="callbackHandlers">
<list>
<bean class="com.xxx.security.callback.SecurityInfoProvider">
</bean>
</list>
</property>
<property name="authorityGranters">
<list>
<bean class="com.xxx.security.action.RoleUserAuthorityGranter" />
</list>
</property>
</bean>

</beans>
4

1 回答 1

0

您可以考虑以下解决方案。

    <bean id="securedJndiTemplate" class="org.springframework.jndi.JndiTemplate">
         <property name="environment">
             <props>
                 <prop key="java.naming.provider.url">t3://myServerA:8001,myServerB:8002</prop>
                 <prop key="java.naming.factory.initial">weblogic.jndi.WLInitialContextFactory</prop>
                 <prop key="java.naming.security.principal">weblogic</prop>
                 <prop key="java.naming.security.credentials">weblogic</prop>
             </props>
         </property>
    </bean>

    <bean id="targetDatasource" class="org.springframework.jndi.JndiObjectFactoryBean">
         <property name="jndiTemplate">
              <ref local="securedJndiTemplate"/>
         </property>
         <property name="jndiName">
              <value>myWeblogicJNDI</value>
         </property>
    </bean>

在您的 java 代码中尝试查找 targetDatasource。

我希望这能解决你的问题。

于 2012-08-21T14:59:53.540 回答