1. ev
  2. Soru-cevap
  3. İki Spring güvenlik http öğesini farklı kimlik doğrulama filtreleriyle nasıl yapılandırabilirim?

İki Spring güvenlik http öğesini farklı kimlik doğrulama filtreleriyle nasıl yapılandırabilirim?

2013-02-14 16 views
6

Yaylı Spring güvenliği ile Spring 3.1.1.RELEASE kullanıyorum. JBoss 7.1.1.Final'e konuşuyorum. Her biri farklı bir kimlik doğrulama filtresi olan iki http güvenlik öğesi yapılandırmak istiyorum. Bunu nasıl yaparım? Aşağıdaki Bahar güvenlik yapılandırması ile, "java.lang.IllegalArgumentException: Filtre zincirindeki diğer kalıplardan önce" genel bir eşleşme kalıbı ('/ **') tanımlanır. İkinci http bloğunu ("pdSecurity" olarak adlandırılır) açıklarsam her şey yolunda gider.İki Spring güvenlik http öğesini farklı kimlik doğrulama filtreleriyle nasıl yapılandırabilirim?

<http pattern="/activities/**" security="none" /> 
<http pattern="/audio/**" security="none" /> 
<http pattern="/bootstrap/**" security="none" /> 
<http pattern="/bootstrap-editable/**" security="none" /> 
<http pattern="/css/**" security="none" /> 
<http pattern="/images/**" security="none" /> 
<http pattern="/js/**" security="none" /> 
<http pattern="/resources/**" security="none" /> 
<http pattern="/temp/**" security="none" /> 
<http name="defaultSecurity" security-context-repository-ref="subcoSecurityContextRepository" 
    auto-config="false" use-expressions="true" authentication-manager-ref="authenticationManager" 
    access-denied-page="/denied" entry-point-ref="loginUrlAuthenticationEntryPoint"> 
    <custom-filter position="FORM_LOGIN_FILTER" 
     ref="subcoUsernamePasswordUrlAuthenticationFilter" /> 
    <intercept-url pattern="/login" access="permitAll" /> 
    <intercept-url pattern="/logout" access="permitAll" /> 
    <intercept-url pattern="/denied" access="isAuthenticated()" /> 
    <intercept-url pattern="/welcome" access="permitAll" /> 
    <intercept-url pattern="/authenticate" access="permitAll" /> 
    <intercept-url pattern="/user" 
     access="hasAnyRole('User','Administrator')" /> 
    <intercept-url pattern="/landing" 
     access="hasAnyRole('User','Student','Teacher','Administrator')" /> 
    <intercept-url pattern="/book/*" 
     access="hasAnyRole('User','Student','Teacher','Administrator')" /> 
    <intercept-url pattern="/admin" access="hasRole('Administrator')" /> 
    <intercept-url pattern="/admin/*" access="hasRole('Administrator')" /> 
    <intercept-url pattern="/getResource" access="hasAnyRole('Student','Teacher','Administrator')" /> 
    <logout invalidate-session="true" logout-success-url="/logout" 
     logout-url="/j_spring_security_logout" /> 
</http> 

<!-- Reg controller for PD --> 
<http name="pdSecurity" auto-config="false" use-expressions="true" authentication-manager-ref="authenticationManager" access-denied-page="/denied" entry-point-ref="loginUrlAuthenticationEntryPoint"> 
    <custom-filter position="FORM_LOGIN_FILTER" ref="pdUsernamePasswordUrlAuthenticationFilter"/> 
    <intercept-url pattern="/pdregistration/regfailure" access="hasAnyRole('Teacher')"/> 
    <intercept-url pattern="/pdregistration/regsuccess" access="hasAnyRole('Teacher')"/> 
    <logout invalidate-session="true" 
     logout-success-url="/logout" 
     logout-url="/j_spring_security_logout" /> 
</http>

İşte (pdSecurity adlandırılır) ikinci <http> elemanı üzerinde

08:52:23,730 ERROR [org.springframework.web.context.ContextLoader] (MSC service thread 1-5) Context initialization failed: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1455) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:585) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:913) [spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:464) [spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:385) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:284) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3392) [jbossweb-7.0.13.Final.jar:] 
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:3850) [jbossweb-7.0.13.Final.jar:] 
    at org.jboss.as.web.deployment.WebDeploymentService.start(WebDeploymentService.java:90) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] 
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) 
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [classes.jar:1.6.0_37] 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [classes.jar:1.6.0_37] 
    at java.lang.Thread.run(Thread.java:680) [classes.jar:1.6.0_37] 
Caused by: java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration 
    at org.springframework.security.config.http.DefaultFilterChainValidator.checkPathOrder(DefaultFilterChainValidator.java:49) [spring-security-config-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.security.config.http.DefaultFilterChainValidator.validate(DefaultFilterChainValidator.java:39) [spring-security-config-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.security.web.FilterChainProxy.afterPropertiesSet(FilterChainProxy.java:149) [spring-security-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1514) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    ... 20 more 

08:52:23,742 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/myproject]] (MSC service thread 1-5) Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1455) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:585) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:913) [spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:464) [spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:385) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:284) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3392) [jbossweb-7.0.13.Final.jar:] 
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:3850) [jbossweb-7.0.13.Final.jar:] 
    at org.jboss.as.web.deployment.WebDeploymentService.start(WebDeploymentService.java:90) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] 
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) 
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [classes.jar:1.6.0_37] 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [classes.jar:1.6.0_37] 
    at java.lang.Thread.run(Thread.java:680) [classes.jar:1.6.0_37] 
Caused by: java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration 
    at org.springframework.security.config.http.DefaultFilterChainValidator.checkPathOrder(DefaultFilterChainValidator.java:49) [spring-security-config-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.security.config.http.DefaultFilterChainValidator.validate(DefaultFilterChainValidator.java:39) [spring-security-config-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.security.web.FilterChainProxy.afterPropertiesSet(FilterChainProxy.java:149) [spring-security-web-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1514) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452) [spring-beans-3.1.1.RELEASE.jar:3.1.1.RELEASE] 
    ... 20 more

kaynak

2013-02-14 Dave

+0

Basit olmayan iki '' bölümleri olamaz 'pattern' /' security' tanımlar, yani kaldırdığınızda ' Xaerxess

cevap

19

... istisna pattern özelliğini kullanın: <http pattern='/pdregistration/*'..., ve 'defaultSecurity' <http> elemanı önce taşıyın. Spring Security docs göre

: Yay Security 3.1 kaynaktan

farklı talep kalıpları için ayrı bir güvenlik filtre zincirli konfigürasyonlar tanımlamak için birden fazla HTTP elemanları kullanmak mümkündür. Kalıp özniteliği bir http öğesinden atlanırsa, tüm isteklerle eşleşir.

... ve birden hakkında başka ilgili kısmı <http> elemanları here:

Her öğe iç FilterChainProxy içinde bir filtre zinciri ve buna aktarılması gerektiğini URL kalıbı oluşturur. Unsurlar, bildirildikleri sıraya göre eklenecek, bu nedenle en spesifik kalıpların ilk olarak tekrar beyan edilmesi gerekir.

kaynak

2013-02-14 15:22:53 zagyi

+0

kusursuz bu eser .... – anshulkatta

İlgili konular

 İlgili konular