Spring Security 3.0.5 - 如何在 security.xml 中指定数据源?

发布于 2024-12-08 07:14:30 字数 8310 浏览 0 评论 0原文

有人可以帮助我解决“java.lang.IllegalArgumentException:未指定数据源”问题,同时针对 AppFuse 2.1(使用 Spring Security 3.0.5 和 iBatis)动态定义安全 URL 吗?

在我开始动态定义安全 URL 之前,security.xml 中的以下命名空间工作正常。

...
<http auto-config="false" lowercase-comparisons="false">
    <intercept-url pattern="/images/**" filters="none"/>
    <intercept-url pattern="/styles/**" filters="none"/>
    <intercept-url pattern="/scripts/**" filters="none"/>
    <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/passwordHint*"  access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
    <form-login login-page="/login" authentication-failure-url="/login?error=true" login-processing-url="/j_security_check"/>
    <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</http>

<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDao">
        <password-encoder ref="passwordEncoder"/>
    </authentication-provider>
</authentication-manager>
...

但在我注释掉该元素并在 security.xml 中添加以下元素后,由于未指定数据源,“userDao”不起作用。

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns:beans="http://www.springframework.org/schema/beans"
         xsi:schemaLocation="http://www.springframework.org/schema/beans    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
          http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<beans:bean id="springSecurityFilterChain"
            class="org.springframework.security.web.FilterChainProxy">
    <filter-chain-map path-type="ant">
        <filter-chain pattern="/images/**" filters="none"/>
        <filter-chain pattern="/styles/**" filters="none"/>
        <filter-chain pattern="/scripts/**" filters="none"/>
        <filter-chain pattern="/app/**" filters="
        securityContextPersistenceFilter,
        logoutFilter,
        authenticationProcessingFilter,
        exceptionTranslationFilter,
        filterSecurityInterceptor"/>
    </filter-chain-map>
</beans:bean>

<beans:bean id="securityContextPersistenceFilter"
              class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
</beans:bean>
<beans:bean id="logoutFilter"
            class="org.springframework.security.web.authentication.logout.LogoutFilter">
    <beans:constructor-arg value="/login"/>
    <beans:constructor-arg ref="logoutHandler">
    </beans:constructor-arg>
</beans:bean>
<beans:bean id="logoutHandler"
            class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler">
</beans:bean>
<beans:bean id="authenticationProcessingFilter"
            class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="authenticationSuccessHandler"
                    ref="authenticationSuccessHandler"/>
    <beans:property name="filterProcessesUrl" value="/j_security_check"/>
</beans:bean>
<beans:bean id="authenticationSuccessHandler"
            class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
    <beans:property name="defaultTargetUrl" value="/app/mainMenu"/>
</beans:bean>
<beans:bean id="exceptionTranslationFilter"
            class="org.springframework.security.web.access.ExceptionTranslationFilter">
    <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
    <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/>
</beans:bean>

<beans:bean id="authenticationEntryPoint"
            class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
    <beans:property name="loginFormUrl" value="/login"/>
</beans:bean>

<beans:bean id="accessDeniedHandler"
            class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
    <beans:property name="errorPage" value="/403.jsp"/>
</beans:bean>


<beans:bean id="filterSecurityInterceptor"
            class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="accessDecisionManager" ref="accessDecisionManager"/>
    <beans:property name="securityMetadataSource" ref="myFilterInvocationSecurityMetadataSource"/>
</beans:bean>
<beans:bean id="myFilterInvocationSecurityMetadataSource"
            class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource">
</beans:bean>


<beans:bean id="accessDecisionManager"
            class="org.springframework.security.access.vote.AffirmativeBased">
    <beans:property name="decisionVoters">
        <beans:list>
            <beans:bean class="org.springframework.security.access.vote.RoleVoter">
                <beans:property name="rolePrefix" value="ROLE_"/>
            </beans:bean>
            <beans:bean
                    class="org.springframework.security.access.vote.AuthenticatedVoter"/>
        </beans:list>
    </beans:property>
</beans:bean>


<beans:bean id="userDao"
            class="com.tangram.ebiz.dao.ibatis.UserDaoiBatis">
    <beans:property name="sqlMapClient" ref="sqlMapClient"/>
</beans:bean>
<beans:bean id="sqlMapClient"
            class="com.ibatis.sqlmap.engine.impl.SqlMapClientImpl">
    <beans:constructor-arg ref="sqlMapExecutorDelegate"/>
</beans:bean>
<beans:bean id="sqlMapExecutorDelegate"
            class="com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate">
</beans:bean>

<beans:bean id="dataSource"
            class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <beans:property name="driverClassName" value="oracle.jdbc.OracleDriver"/>
    <beans:property name="url" value="jdbc:oracle:thin:@localhost:1521:XE"/>
    <beans:property name="username" value="ebiz"/>
    <beans:property name="password" value="ebiz"/>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <beans:property name="providers">
        <beans:list>
            <beans:ref local="daoAuthenticationProvider"/>
            <beans:ref local="anonymousAuthenticationProvider"/>
        </beans:list>
    </beans:property>
</beans:bean>

<beans:bean id="daoAuthenticationProvider"
            class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <beans:property name="userDetailsService" ref="userDao"/>
    <beans:property name="passwordEncoder" ref="passwordEncoder"/>
</beans:bean>
<beans:bean id="anonymousAuthenticationProvider"
            class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
    <beans:property name="key" value="doesNotMatter"/>
</beans:bean>
<!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class -->
<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>

<global-method-security>
    <protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))" access="ROLE_ADMIN"/>
    <protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/>
</global-method-security>
</beans:beans>

Could somebody help me with the "java.lang.IllegalArgumentException: No DataSource specified" issue while defining secured URLs dynamically against AppFuse 2.1 (with Spring Security 3.0.5 and iBatis)??

Before I started to define secured URLs dynamically, the following namespace in security.xml was working fine.

...
<http auto-config="false" lowercase-comparisons="false">
    <intercept-url pattern="/images/**" filters="none"/>
    <intercept-url pattern="/styles/**" filters="none"/>
    <intercept-url pattern="/scripts/**" filters="none"/>
    <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/passwordHint*"  access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
    <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
    <form-login login-page="/login" authentication-failure-url="/login?error=true" login-processing-url="/j_security_check"/>
    <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</http>

<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDao">
        <password-encoder ref="passwordEncoder"/>
    </authentication-provider>
</authentication-manager>
...

But after I commented out the element and add the following elements in security.xml, the "userDao" did not work due to no datasource specified.

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns:beans="http://www.springframework.org/schema/beans"
         xsi:schemaLocation="http://www.springframework.org/schema/beans    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
          http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<beans:bean id="springSecurityFilterChain"
            class="org.springframework.security.web.FilterChainProxy">
    <filter-chain-map path-type="ant">
        <filter-chain pattern="/images/**" filters="none"/>
        <filter-chain pattern="/styles/**" filters="none"/>
        <filter-chain pattern="/scripts/**" filters="none"/>
        <filter-chain pattern="/app/**" filters="
        securityContextPersistenceFilter,
        logoutFilter,
        authenticationProcessingFilter,
        exceptionTranslationFilter,
        filterSecurityInterceptor"/>
    </filter-chain-map>
</beans:bean>

<beans:bean id="securityContextPersistenceFilter"
              class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
</beans:bean>
<beans:bean id="logoutFilter"
            class="org.springframework.security.web.authentication.logout.LogoutFilter">
    <beans:constructor-arg value="/login"/>
    <beans:constructor-arg ref="logoutHandler">
    </beans:constructor-arg>
</beans:bean>
<beans:bean id="logoutHandler"
            class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler">
</beans:bean>
<beans:bean id="authenticationProcessingFilter"
            class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="authenticationSuccessHandler"
                    ref="authenticationSuccessHandler"/>
    <beans:property name="filterProcessesUrl" value="/j_security_check"/>
</beans:bean>
<beans:bean id="authenticationSuccessHandler"
            class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
    <beans:property name="defaultTargetUrl" value="/app/mainMenu"/>
</beans:bean>
<beans:bean id="exceptionTranslationFilter"
            class="org.springframework.security.web.access.ExceptionTranslationFilter">
    <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
    <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/>
</beans:bean>

<beans:bean id="authenticationEntryPoint"
            class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
    <beans:property name="loginFormUrl" value="/login"/>
</beans:bean>

<beans:bean id="accessDeniedHandler"
            class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
    <beans:property name="errorPage" value="/403.jsp"/>
</beans:bean>


<beans:bean id="filterSecurityInterceptor"
            class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="accessDecisionManager" ref="accessDecisionManager"/>
    <beans:property name="securityMetadataSource" ref="myFilterInvocationSecurityMetadataSource"/>
</beans:bean>
<beans:bean id="myFilterInvocationSecurityMetadataSource"
            class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource">
</beans:bean>


<beans:bean id="accessDecisionManager"
            class="org.springframework.security.access.vote.AffirmativeBased">
    <beans:property name="decisionVoters">
        <beans:list>
            <beans:bean class="org.springframework.security.access.vote.RoleVoter">
                <beans:property name="rolePrefix" value="ROLE_"/>
            </beans:bean>
            <beans:bean
                    class="org.springframework.security.access.vote.AuthenticatedVoter"/>
        </beans:list>
    </beans:property>
</beans:bean>


<beans:bean id="userDao"
            class="com.tangram.ebiz.dao.ibatis.UserDaoiBatis">
    <beans:property name="sqlMapClient" ref="sqlMapClient"/>
</beans:bean>
<beans:bean id="sqlMapClient"
            class="com.ibatis.sqlmap.engine.impl.SqlMapClientImpl">
    <beans:constructor-arg ref="sqlMapExecutorDelegate"/>
</beans:bean>
<beans:bean id="sqlMapExecutorDelegate"
            class="com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate">
</beans:bean>

<beans:bean id="dataSource"
            class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <beans:property name="driverClassName" value="oracle.jdbc.OracleDriver"/>
    <beans:property name="url" value="jdbc:oracle:thin:@localhost:1521:XE"/>
    <beans:property name="username" value="ebiz"/>
    <beans:property name="password" value="ebiz"/>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <beans:property name="providers">
        <beans:list>
            <beans:ref local="daoAuthenticationProvider"/>
            <beans:ref local="anonymousAuthenticationProvider"/>
        </beans:list>
    </beans:property>
</beans:bean>

<beans:bean id="daoAuthenticationProvider"
            class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <beans:property name="userDetailsService" ref="userDao"/>
    <beans:property name="passwordEncoder" ref="passwordEncoder"/>
</beans:bean>
<beans:bean id="anonymousAuthenticationProvider"
            class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
    <beans:property name="key" value="doesNotMatter"/>
</beans:bean>
<!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class -->
<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>

<global-method-security>
    <protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))" access="ROLE_ADMIN"/>
    <protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/>
</global-method-security>
</beans:beans>

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

胡渣熟男 2024-12-15 07:14:30

如果您使用自定义用户服务,则需要引用:

<security:authentication-manager>
    <security:authentication-provider user-service-ref="myUserDetailsService">
        <security:password-encoder ref="md5" />
    </security:authentication-provider>
</security:authentication-manager>

如果您使用 JDBC 并且仅针对一组表,则只需引用数据源:

<security:authentication-manager>
    <security:authentication-provider>
        <security:jdbc-user-service data-source-ref="my-ds"/>
        <security:password-encoder hash="md5"/>
    </security:authentication-provider>
</security:authentication-manager>

If you are using a custom user service, you need to ref that:

<security:authentication-manager>
    <security:authentication-provider user-service-ref="myUserDetailsService">
        <security:password-encoder ref="md5" />
    </security:authentication-provider>
</security:authentication-manager>

If you are using JDBC and just going against a set of tables, you just ref the datasource:

<security:authentication-manager>
    <security:authentication-provider>
        <security:jdbc-user-service data-source-ref="my-ds"/>
        <security:password-encoder hash="md5"/>
    </security:authentication-provider>
</security:authentication-manager>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文