无法将 Spring Security BASIC 身份验证集成到 Jersey/JAX-RS 和 Tomcat 中
我正在尝试将 BASIC 身份验证添加到我使用 Jersey/JAX-RS 和 Tomcat Apache 7.0 创建的 RESTful Web 服务。将来我想在 WebSphere 上部署此 Web 服务,因此我选择在我的项目中使用 Spring Security(版本 2.5.6)。
我的问题是这样的:虽然我相信我的各种 xml 文件是正确的,并且我已将 spring.jar 添加到我的类路径中,但在启动服务器时出现以下错误。
SEVERE: Error configuring application listener of class
org.springframework.web.context.ContextLoaderListener java.lang.NoClassDefFoundError: javax/servlet/ServletContextListener
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClassCond(Unknown Source)
...
等等。我查看过的每个资源都表明我应该将 spring.jar 添加到我的类路径中,这是我所拥有的。我对 Spring 完全陌生,所以如果我的任何文件设置不正确,请告诉我。以下是所有相关的 XML 文件和设置。
安全-applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<security:global-method-security secured-annotations="enabled"/>
<security:http>
<security:http-basic/>
<security:intercept-url pattern="/**" access="ROLE_USER"/>
</security:http>
<security:authentication-manager alias="authenticationManager"/>
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
<!--property name="contextClass" value="org.springframework.security.context.SecurityContextImpl"/-->
<property name="allowSessionCreation" value="false"/>
</bean>
<bean id="httpSessionContextIntegrationFilterWithASCFalse" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
<property name="allowSessionCreation" value="false"/>
</bean>
<bean id="authenticationEntryPoint"
class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName" value="Your realm name"/>
</bean>
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:user-service>
<security:user name="admin" password="2fa3fa1c2deff56ed33e0bf974f2e29e" authorities="ROLE_PARTNER, ROLE_USER"/>
</security:user-service>
</security:authentication-provider>
applicationContext.xml (有人告诉我它可能是空的):
<beans></beans>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee
/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>TestService</display-name>
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>TestService</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/security-applicationContext.xml,
/WEB-INF/applicationContext.xml
</param-value>
</context-param>
<!-- Enables Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>springSecurityFilterChain</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
最后,我的文件结构:
和我的服务器的运行配置:
I am attempting to add BASIC authentication to a RESTful web service that I have created using Jersey/JAX-RS and Tomcat Apache 7.0. In the future I want to deploy this web service on WebSphere so I have chosen to use Spring Security (ver 2.5.6) for my project.
My problem is this: though I believe my various xml files are correct and I have added spring.jar to my classpath I am getting the following error when starting the server.
SEVERE: Error configuring application listener of class
org.springframework.web.context.ContextLoaderListener java.lang.NoClassDefFoundError: javax/servlet/ServletContextListener
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClassCond(Unknown Source)
...
and so on. Every resource that I have looked at states that I should add spring.jar to my class path, which I have. I am completely new to Spring so if any of my files are setup incorrectly please tell me. Here are all of the relevant XML files and settings.
security-applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<security:global-method-security secured-annotations="enabled"/>
<security:http>
<security:http-basic/>
<security:intercept-url pattern="/**" access="ROLE_USER"/>
</security:http>
<security:authentication-manager alias="authenticationManager"/>
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
<!--property name="contextClass" value="org.springframework.security.context.SecurityContextImpl"/-->
<property name="allowSessionCreation" value="false"/>
</bean>
<bean id="httpSessionContextIntegrationFilterWithASCFalse" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
<property name="allowSessionCreation" value="false"/>
</bean>
<bean id="authenticationEntryPoint"
class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName" value="Your realm name"/>
</bean>
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:user-service>
<security:user name="admin" password="2fa3fa1c2deff56ed33e0bf974f2e29e" authorities="ROLE_PARTNER, ROLE_USER"/>
</security:user-service>
</security:authentication-provider>
applicationContext.xml (I was told it could be empty):
<beans></beans>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee
/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>TestService</display-name>
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>TestService</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/security-applicationContext.xml,
/WEB-INF/applicationContext.xml
</param-value>
</context-param>
<!-- Enables Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>springSecurityFilterChain</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
Finally, my file structure:
and my server's run configuration:
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这看起来像是一个类似的问题。
您可能想尝试不同的 Tomcat 版本。
您缺少依赖项。
最小的 spring-security 依赖关系应该是:
您似乎没有使用 maven,因此 此站点 将帮助您找到 jar你需要。只需搜索
本指南可能会帮助您最小的弹簧安全配置。
This looks like a similar problem.
You might want to try different Tomcat versions.
You are missing dependencies.
Minimal spring-security dependencies should be:
You don't seem to be using maven so this site will help you find the jars you need. Just search for the
<artifactId>and you will be able to download the .jar for the dependency.This HOWTO might help you on a minimal spring-security configuration.