2

我正在使用 Spring-integration 2.0.0 并希望保护对 Spring 集成公开的 Web 服务的调用。所以我使用了安全通道,到目前为止,它使用 Spring-core 3.0.5 和 Spring security 3.0.5 运行良好。

但后来我想使用 Spring Web 服务的 WSS 拦截器。然后出现了以下问题:当我像这样声明 XwsSecurityInterceptor 时:

<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
    <description>
        This interceptor validates incoming messages according to the policy defined in 'securityPolicy.xml'.
        The policy defines that all incoming requests must have a UsernameToken with a password digest in it.
        The actual authentication is performed by the Spring Security callback handler.
    </description>
    <property name="secureResponse" value="false"/>
    <property name="policyConfiguration"
              value="classpath:securityPolicy.xml"/>
    <property name="callbackHandler">
        <bean class="org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler">
            <property name="authenticationManager" ref="authenticationManager"/>
        </bean>
    </property>
</bean>

我得到这个堆栈:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'wsSecurityInterceptor' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Cannot create inner bean 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' of type [org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler] while setting bean property 'callbackHandler'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
 at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
 at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1317)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1076)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
 at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
 at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
 at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
 at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
 at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:574)
 at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
 at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
 at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
 at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
 at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
 at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)
 at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)
 at org.apache.catalina.core.StandardContext.reload(StandardContext.java:3391)
 at org.apache.catalina.loader.WebappLoader.backgroundProcess(WebappLoader.java:426)
 at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1309)
 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1601)
 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610)
 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610)
 at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1590)
 at java.lang.Thread.run(Thread.java:662)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:527)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
 at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)
 ... 25 more
Caused by: java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
 at java.lang.Class.getDeclaredMethods0(Native Method)
 at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
 at java.lang.Class.privateGetPublicMethods(Class.java:2547)
 at java.lang.Class.getMethods(Class.java:1410)
 at java.beans.Introspector.getPublicDeclaredMethods(Introspector.java:1280)
 at java.beans.Introspector.getTargetMethodInfo(Introspector.java:1154)
 at java.beans.Introspector.getBeanInfo(Introspector.java:405)
 at java.beans.Introspector.getBeanInfo(Introspector.java:164)
 at org.springframework.beans.CachedIntrospectionResults.<init>(CachedIntrospectionResults.java:224)
 at org.springframework.beans.CachedIntrospectionResults.forClass(CachedIntrospectionResults.java:149)
 at org.springframework.beans.BeanWrapperImpl.getCachedIntrospectionResults(BeanWrapperImpl.java:305)
 at org.springframework.beans.BeanWrapperImpl.getPropertyDescriptorInternal(BeanWrapperImpl.java:335)
 at org.springframework.beans.BeanWrapperImpl.isWritableProperty(BeanWrapperImpl.java:407)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1319)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1076)
 at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
 ... 27 more
Caused by: java.lang.ClassNotFoundException: org.springframework.security.AuthenticationManager
 at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1645)
 at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1491)
 ... 43 more

我的 Maven 依赖项是:

<dependency>
   <groupId>org.springframework.security</groupId>
   <artifactId>spring-security-ldap</artifactId>
   <version>3.0.5.RELEASE</version>
  </dependency>
  <dependency>
   <groupId>org.springframework.security</groupId>
   <artifactId>spring-security-core</artifactId>
   <version>3.0.5.RELEASE</version>
  </dependency>
  <dependency>
   <groupId>org.springframework.security</groupId>
   <artifactId>spring-security-web</artifactId>
   <version>3.0.5.RELEASE</version>
  </dependency>

  <dependency>
   <groupId>org.springframework.security</groupId>
   <artifactId>spring-security-config</artifactId>
   <version>3.0.5.RELEASE</version>
  </dependency>
  <dependency>
   <groupId>org.apache.directory.server</groupId>
   <artifactId>apacheds-core</artifactId>
   <version>1.5.5</version>
   <scope>compile</scope>
  </dependency>
  <dependency>
   <groupId>org.apache.directory.server</groupId>
   <artifactId>apacheds-server-jndi</artifactId>
   <version>1.5.5</version>
   <scope>compile</scope>
   <optional>true</optional>
  </dependency>

         <dependency>
            <groupId>org.springframework.ws</groupId>
            <artifactId>spring-ws-security</artifactId>
            <version>1.5.9</version>
            <scope>runtime</scope>
            <exclusions>
                <exclusion>
                    <groupId>org.apache.ws.security</groupId>
                    <artifactId>wss4j</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.springframework</groupId>
                    <artifactId>spring-beans</artifactId>
                </exclusion>
            </exclusions>
        </dependency>

  <!-- Spring integration dependencies -->
  <dependency>
   <groupId>org.springframework.integration</groupId>
   <artifactId>spring-integration-xml</artifactId>
   <version>2.0.0.RELEASE</version>
  </dependency>
  <dependency>
   <groupId>org.springframework.integration</groupId>
   <artifactId>spring-integration-security</artifactId>
   <version>2.0.0.RELEASE</version>
  </dependency>
  <dependency>
   <groupId>org.springframework.integration</groupId>
   <artifactId>spring-integration-ws</artifactId>
   <version>2.0.0.RELEASE</version>
  </dependency>

我猜这与依赖问题有关,因为我读到某些软件包已在 2.x 和 3.x 版本之间进行了重新设计。请注意,我必须排除从 spring-ws-security 到 spring-beans 的传递依赖,因为它带来了与同一 jar 的 3.0.5 版本冲突的 2.0.6 版本的 spring bean。

所以我的问题是:我应该使用什么版本的不同 Spring 模块(Spring-ws、Spring-integration、Spring-security、Spring-framework)?

提前感谢您的帮助

法布里斯

4

1 回答 1

0

最新版本应该可以一起使用。由于本周发布了 spring-ws 2.0 版,您的问题也应该在生产中得到解决。

于 2011-01-07T20:14:18.490 回答